urlscan.io logo urlscan.io
SecurityTrails logo

pt.ldplayer.net Open in urlscan Pro
99.84.191.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Submission: On November 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 11 countries across 116 domains to perform 473 HTTP transactions. The main IP is 99.84.191.93, located in United States and belongs to AMAZON-02, US. The main domain is pt.ldplayer.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 9th 2023. Valid for: a year.
This is the only time pt.ldplayer.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 99.84.191.93 16509 (AMAZON-02)
5 2607:f8b0:402... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 2607:f8b0:402... 15169 (GOOGLE)
68 99.84.208.112 16509 (AMAZON-02)
4 2607:f8b0:402... 15169 (GOOGLE)
4 2600:9000:24f... 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
5 18.67.76.99 16509 (AMAZON-02)
2 141.95.33.111 16276 (OVH)
2 74.119.119.139 19750 (AS-CRITEO)
1 2a04:4e42:400... 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2607:f8b0:402... 15169 (GOOGLE)
7 172.67.68.162 13335 (CLOUDFLAR...)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
2 37.157.6.233 198622 (ADFORM)
1 147.135.94.208 16276 (OVH)
3 147.75.195.55 54825 (PACKET)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 2 35.227.252.103 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
1 2602:803:c002... 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:402... 15169 (GOOGLE)
1 18.160.18.62 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 3 23.32.172.185 16625 (AKAMAI-AS)
8 23.47.170.102 16625 (AKAMAI-AS)
1 162.19.138.117 16276 (OVH)
5 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2001:4998:14:... 14777 (YAHOO)
4 103.235.46.191 55967 (BAIDU Bei...)
3 2607:f8b0:402... 15169 (GOOGLE)
8 2607:f8b0:402... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:402... 15169 (GOOGLE)
16 2607:f8b0:402... 15169 (GOOGLE)
7 2607:f8b0:402... 15169 (GOOGLE)
3 11 35.244.159.8 15169 (GOOGLE)
1 2620:100:a001... 19750 (AS-CRITEO)
7 10 8.43.72.97 26667 (RUBICONPR...)
3 2607:f8b0:402... 15169 (GOOGLE)
1 76.13.32.146 26101 (YAHOO-BF1)
6 23.37.113.15 16625 (AKAMAI-AS)
2 3 151.101.66.49 54113 (FASTLY)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
3 7 52.46.128.147 16509 (AMAZON-02)
7 15.197.193.217 16509 (AMAZON-02)
12 16 172.217.13.98 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
4 52.116.53.150 36351 (SOFTLAYER)
13 2620:100:a001::4 19750 (AS-CRITEO)
1 74.119.119.147 19750 (AS-CRITEO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
13 2620:100:a001::9 19750 (AS-CRITEO)
2 2620:100:a001... 19750 (AS-CRITEO)
8 2607:f8b0:402... 15169 (GOOGLE)
12 34.149.135.28 396982 (GOOGLE-CL...)
1 1 8.39.36.142 26667 (RUBICONPR...)
4 34.149.40.38 15169 (GOOGLE)
1 4 104.36.115.113 62713 (AS-PUBMATIC)
1 1 23.83.76.85 395954 (LEASEWEB-...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
10 13 8.43.72.98 26667 (RUBICONPR...)
2 3 52.95.115.196 16509 (AMAZON-02)
8 8 54.147.207.87 14618 (AMAZON-AES)
1 1 2600:9000:24f... 16509 (AMAZON-02)
1 1 2600:9000:247... 16509 (AMAZON-02)
1 3.162.125.73 16509 (AMAZON-02)
5 6 34.200.65.202 14618 (AMAZON-AES)
1 23.223.209.211 20940 (AKAMAI-ASN1)
7 8 68.67.160.132 29990 (ASN-APPNEX)
4 7 34.111.113.62 396982 (GOOGLE-CL...)
1 63.251.86.49 10913 (INTERNAP-BLK)
2 3 18.210.186.30 14618 (AMAZON-AES)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2 23.83.76.39 395954 (LEASEWEB-...)
3 3 198.148.27.131 19189 (PULSEPOINT)
3 7 23.105.12.136 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
9 162.248.18.37 62713 (AS-PUBMATIC)
2 17 8.28.7.83 62713 (AS-PUBMATIC)
2 8.18.47.7 398989 (DEEPINTENT)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 173.231.178.83 32475 (SINGLEHOP...)
3 6 35.211.178.172 15169 (GOOGLE)
2 2 52.44.65.34 14618 (AMAZON-AES)
1 1 199.38.167.130 54312 (ROCKETFUEL)
2 2 54.165.64.233 14618 (AMAZON-AES)
2 2 54.167.230.104 14618 (AMAZON-AES)
1 2 3.224.166.52 14618 (AMAZON-AES)
3 3 74.119.119.150 19750 (AS-CRITEO)
2 3 178.250.7.11 44788 (ASN-CRITE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 64.74.236.95 19024 (INTERNAP-...)
1 40.76.134.238 8075 (MICROSOFT...)
1 3 35.71.139.29 16509 (AMAZON-02)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
4 162.248.18.34 62713 (AS-PUBMATIC)
2 2 54.146.239.191 14618 (AMAZON-AES)
6 6 2606:ae80:145... 25751 (VALUECLICK)
1 3.82.133.217 14618 (AMAZON-AES)
5 5 207.198.113.88 13768 (COGECO-PEER1)
1 2 165.254.203.172 2914 (NTT-LTD-2914)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
7 7 185.167.164.39 198622 (ADFORM)
4 5 63.34.193.74 16509 (AMAZON-02)
1 68.67.153.61 29990 (ASN-APPNEX)
1 159.89.25.223 14061 (DIGITALOC...)
2 51.222.239.230 16276 (OVH)
1 5 172.98.26.245 399668 (E-PLANNING-)
1 1 207.198.113.230 13768 (COGECO-PEER1)
1 1 3.223.92.136 14618 (AMAZON-AES)
13 172.98.26.246 399668 (E-PLANNING-)
1 8.2.110.17 46636 (NATCOWEB)
2 172.98.26.242 399668 (E-PLANNING-)
1 1 69.166.1.66 27630 (AS-XFERNET)
3 3 18.211.228.116 14618 (AMAZON-AES)
1 1 8.2.108.175 46636 (NATCOWEB)
1 1 8.2.110.33 46636 (NATCOWEB)
1 1 8.2.110.134 ()
1 1 34.225.59.34 14618 (AMAZON-AES)
1 1 172.240.155.100 7979 (SERVERS-COM)
2 8 172.64.151.101 13335 (CLOUDFLAR...)
1 205.234.175.175 30081 (CACHENETW...)
2 4 35.190.60.146 15169 (GOOGLE)
1 2 69.90.254.78 13768 (COGECO-PEER1)
1 35.186.193.173 15169 (GOOGLE)
1 1 35.214.162.203 15169 (GOOGLE)
1 1 172.105.203.31 63949 (AKAMAI-LI...)
1 1 216.200.232.253 30419 (MEDIAMATH...)
4 4 199.127.204.171 26120 (RHYTHMONE)
1 23.88.86.2 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 23.36.85.188 16625 (AKAMAI-AS)
1 2 44.218.53.191 14618 (AMAZON-AES)
1 3.213.91.23 14618 (AMAZON-AES)
1 52.200.82.255 14618 (AMAZON-AES)
1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 34.251.59.251 16509 (AMAZON-02)
2 54.145.174.153 14618 (AMAZON-AES)
1 12 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.160.46.59 16509 (AMAZON-02)
2 54.88.170.211 14618 (AMAZON-AES)
1 174.137.133.32 27257 (WEBAIR-IN...)
3 3 34.233.202.199 14618 (AMAZON-AES)
1 2600:1f18:ed:... ()
2 34.227.124.92 14618 (AMAZON-AES)
13 54.87.127.173 14618 (AMAZON-AES)
1 1 131.153.172.92 19437 (SS-ASH)
1 1 124.146.153.165 2514 (INFOSPHER...)
2 2 2606:4700:1::... 13335 (CLOUDFLAR...)
1 1 23.216.137.114 16625 (AKAMAI-AS)
1 23.203.241.151 16625 (AKAMAI-AS)
473 121
1    99.84.191.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-93.iad89.r.cloudfront.net
pt.ldplayer.net
5    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
24    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
68    99.84.208.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-112.iad79.r.cloudfront.net
ldcdn.ldmnq.com
4    2607:f8b0:4020:807::2016 (Montreal, Canada)

ASN15169 (GOOGLE, US)
play-lh.googleusercontent.com
4    2600:9000:24f4:1a00:f:2cbf:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
encdn.ldmnq.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
5    18.67.76.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-99.iad89.r.cloudfront.net
tagan.adlightning.com
2    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
apis.google.com
7    172.67.68.162 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
1    147.135.94.208 (United States)

ASN16276 (OVH, FR)
PTR: ip208.ip-147-135-94.us
prg.smartadserver.com
3    147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    2602:803:c002:300::97 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
3    2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.160.18.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-62.iad12.r.cloudfront.net
apipt.ldplayer.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.47.170.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-170-102.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
5    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
4    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
3    2607:f8b0:4020:805::200d (Montreal, Canada)

ASN15169 (GOOGLE, US)
accounts.google.com
8    2607:f8b0:4020:806::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    2607:f8b0:4020:805::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagservices.com
11    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
setupad-d.openx.net
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
10    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-us-east.rubiconproject.com
3    2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
1    76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com
6    23.37.113.15 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-113-15.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    2600:1f18:4e9:5a02:14c3:cc7e:2a56:2ee8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
7    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
16    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
cm.g.doubleclick.net
2    2607:f8b0:4020:804::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
1    2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com
8proof.com
13    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)
imageproxy.us.criteo.net
2    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
8    2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    34.149.135.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.135.149.34.bc.googleusercontent.com
g.rtbrain.app
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
4    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
4    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    23.83.76.85 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync-global.smartadserver.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
13    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
8    54.147.207.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-207-87.compute-1.amazonaws.com
match.prod.bidr.io
1    2600:9000:24f5:9400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:2479:5600:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    3.162.125.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-73.iad61.r.cloudfront.net
syncv4.intentiq.com
6    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
1    23.223.209.211 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-209-211.deploy.static.akamaitechnologies.com
hb.yahoo.net
8    68.67.160.132 (Fairfield, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
3    18.210.186.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-186-30.compute-1.amazonaws.com
match.sharethrough.com
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
2    23.83.76.39 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
3    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    23.105.12.136 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
sync.smartadserver.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
17    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    173.231.178.83 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
6    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    52.44.65.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-65-34.compute-1.amazonaws.com
ads.creative-serving.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    54.165.64.233 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-64-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.167.230.104 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-230-104.compute-1.amazonaws.com
pm.w55c.net
2    3.224.166.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-166-52.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.eu.criteo.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    64.74.236.95 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
4    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    54.146.239.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-239-191.compute-1.amazonaws.com
sync.ipredictive.com
6    2606:ae80:1451:18::1690 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
prebid-match.dotomi.com
retargetly-match.dotomi.com
1    3.82.133.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-133-217.compute-1.amazonaws.com
rtb.adentifi.com
5    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    165.254.203.172 (United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
7    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    63.34.193.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-193-74.eu-west-1.compute.amazonaws.com
a.audrte.com
1    68.67.153.61 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.nym2.adnexus.net
prebid.adnxs.com
1    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
2    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
5    172.98.26.245 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
1    207.198.113.230 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
1    3.223.92.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-92-136.compute-1.amazonaws.com
sync.crwdcntrl.net
13    172.98.26.246 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-iad04.e-planning.net
1    8.2.110.17 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    172.98.26.242 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    18.211.228.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-228-116.compute-1.amazonaws.com
ssp.disqus.com
1    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    8.2.110.33 (United States)

ASN46636 (NATCOWEB, US)
us.shb-sync.com
1    8.2.110.134 (None, )

ASN- ()
cs.krushmedia.com
1    34.225.59.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-59-34.compute-1.amazonaws.com
cookies.nextmillmedia.com
1    172.240.155.100 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
1    205.234.175.175 (Carrollton, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    35.214.162.203 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 203.162.214.35.bc.googleusercontent.com
csync.loopme.me
1    172.105.203.31 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1857-31.members.linode.com
gocm.c.appier.net
1    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    23.36.85.188 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-85-188.deploy.static.akamaitechnologies.com
px.owneriq.net
2    44.218.53.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-53-191.compute-1.amazonaws.com
thrtle.com
1    3.213.91.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-91-23.compute-1.amazonaws.com
crb.kargo.com
1    52.200.82.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-82-255.compute-1.amazonaws.com
sync.bfmio.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.251.59.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-59-251.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
2    54.145.174.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-174-153.compute-1.amazonaws.com
bcp.crwdcntrl.net
12    2606:4700:10::6816:108d (United States)

ASN13335 (CLOUDFLARENET, US)
api.retargetly.com
pdp-cdn.retargetly.com
app.retargetly.com
1    18.160.46.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-59.iad55.r.cloudfront.net
tags.crwdcntrl.net
2    54.88.170.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-170-211.compute-1.amazonaws.com
rtb.gumgum.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
3    34.233.202.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-202-199.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550f:c919:35a9:9cba:2762 (None, )

ASN- ()
i6.liadm.com
2    34.227.124.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-124-92.compute-1.amazonaws.com
pdp-service.retargetly.com
13    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
1    131.153.172.92 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
1    124.146.153.165 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
1    23.216.137.114 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-137-114.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    23.203.241.151 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-241-151.deploy.static.akamaitechnologies.com
sync.teads.tv
Apex Domain
Subdomains		 Transfer
72 ldmnq.com
ldcdn.ldmnq.com — Cisco Umbrella Rank: 432565
encdn.ldmnq.com — Cisco Umbrella Rank: 145923
13 MB
41 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
62 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
335 KB
36 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4691
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
73 KB
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.us.criteo.net — Cisco Umbrella Rank: 2999
csm.us.criteo.net — Cisco Umbrella Rank: 2920
187 KB
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
386 KB
21 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2776
u-iad04.e-planning.net — Cisco Umbrella Rank: 6499
s.e-planning.net — Cisco Umbrella Rank: 5968
sync.e-planning.net — Cisco Umbrella Rank: 4647
i.e-planning.net — Cisco Umbrella Rank: 5337
6 KB
17 google.com
apis.google.com — Cisco Umbrella Rank: 112
accounts.google.com — Cisco Umbrella Rank: 24
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
119 KB
15 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
usersync.gumgum.com — Cisco Umbrella Rank: 2098
5 KB
14 retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 4918
pdp-cdn.retargetly.com — Cisco Umbrella Rank: 13461
pdp-service.retargetly.com — Cisco Umbrella Rank: 9534
app.retargetly.com — Cisco Umbrella Rank: 12188
15 KB
14 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
ads.us.criteo.com — Cisco Umbrella Rank: 2842
cat.va.us.criteo.com — Cisco Umbrella Rank: 3136
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6312
dis.criteo.com — Cisco Umbrella Rank: 597
widget.eu.criteo.com — Cisco Umbrella Rank: 27366
60 KB
13 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
setupad-d.openx.net — Cisco Umbrella Rank: 54354
3 KB
12 rtbrain.app
g.rtbrain.app — Cisco Umbrella Rank: 15625
2 KB
11 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1417
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
5 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
7 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
sync.smartadserver.com — Cisco Umbrella Rank: 1330
5 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
7 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
prebid.adnxs.com — Cisco Umbrella Rank: 1633
secure.adnxs.com — Cisco Umbrella Rank: 495
7 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
176 KB
9 adform.net
adx.adform.net — Cisco Umbrella Rank: 4418
cm.adform.net — Cisco Umbrella Rank: 1267
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
5 KB
8 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
r.casalemedia.com — Cisco Umbrella Rank: 1699
4 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
5 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
419 KB
7 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 41818
5 KB
7 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
u.4dex.io — Cisco Umbrella Rank: 3505
28 KB
6 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
pixel.sitescout.com — Cisco Umbrella Rank: 3887
4 KB
6 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
prebid-match.dotomi.com — Cisco Umbrella Rank: 2253
retargetly-match.dotomi.com — Cisco Umbrella Rank: 13424
2 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
5 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2185
110 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
idsync.rlcdn.com — Cisco Umbrella Rank: 415
889 B
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
19 KB
4 8proof.com
8proof.com — Cisco Umbrella Rank: 34071
cdn.8proof.com Failed
7 KB
4 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9830
24 KB
4 googleusercontent.com
play-lh.googleusercontent.com — Cisco Umbrella Rank: 407
19 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
872 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
772 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
863 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
269 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
427 B
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7332
creativecdn.com — Cisco Umbrella Rank: 592
878 B
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1536
716 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
685 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
967 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1019 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
665 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484
835 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4780
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
83 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
syncv4.intentiq.com — Cisco Umbrella Rank: 15800
360 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 648
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
948 B
2 ldplayer.net
pt.ldplayer.net
apipt.ldplayer.net
78 KB
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
153 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
503 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
698 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3558
613 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
363 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
359 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
650 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
738 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2603
438 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
225 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
359 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1426
673 B
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2836
189 B
1 krushmedia.com
cs.krushmedia.com
599 B
1 shb-sync.com
us.shb-sync.com — Cisco Umbrella Rank: 4200
1 KB
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
740 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
657 B
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3714
119 B
1 setupad.com
node.setupad.com — Cisco Umbrella Rank: 46227
241 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
287 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
785 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
593 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
2 KB
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
311 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
646 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
557 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
515 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
418 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
275 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
47 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 43753
127 KB
0 richaudience.com Failed
sync.richaudience.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
473 116
Domain Requested by
68 ldcdn.ldmnq.com pt.ldplayer.net
ldcdn.ldmnq.com
tagan.adlightning.com
17 simage2.pubmatic.com 2 redirects ads.pubmatic.com
16 cm.g.doubleclick.net 12 redirects u.openx.net
pt.ldplayer.net
rtb.gumgum.com
16 tpc.googlesyndication.com googleads.g.doubleclick.net
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
tagan.adlightning.com
googleads.g.doubleclick.net
pt.ldplayer.net
13 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
13 u-iad04.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
ssum.casalemedia.com
13 pixel.rubiconproject.com 10 redirects pt.ldplayer.net
13 imageproxy.us.criteo.net ads.us.criteo.com
13 static.criteo.net stpd.cloud
ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
12 g.rtbrain.app googleads.g.doubleclick.net
pt.ldplayer.net
11 fonts.googleapis.com googleads.g.doubleclick.net
9 image2.pubmatic.com ads.pubmatic.com
9 token.rubiconproject.com 6 redirects eus.rubiconproject.com
9 pagead2.googlesyndication.com pt.ldplayer.net
tagan.adlightning.com
pagead2.googlesyndication.com
www.googletagservices.com
8 app.retargetly.com api.retargetly.com
8 match.prod.bidr.io 8 redirects
8 fonts.gstatic.com fonts.googleapis.com
8 us-u.openx.net 2 redirects u.openx.net
setupad-d.openx.net
ads.pubmatic.com
8 analytics.google.com www.googletagmanager.com
8 eus.rubiconproject.com pt.ldplayer.net
eus.rubiconproject.com
stpd.cloud
ads.us.e-planning.net
rtb.gumgum.com
7 pixel.tapad.com 4 redirects pt.ldplayer.net
setupad-d.openx.net
ads.pubmatic.com
7 match.adsrvr.org u.openx.net
pt.ldplayer.net
ads.pubmatic.com
rtb.gumgum.com
api.retargetly.com
7 s.amazon-adsystem.com 3 redirects u.openx.net
pt.ldplayer.net
ads.pubmatic.com
ssum.casalemedia.com
7 www.googletagservices.com googleads.g.doubleclick.net
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
7 prebid-stag.setupad.net stpd.cloud
u.openx.net
pt.ldplayer.net
ads.us.e-planning.net
ads.pubmatic.com
6 c1.adform.net 6 redirects
6 x.bidswitch.net 3 redirects ads.pubmatic.com
ssum.casalemedia.com
rtb.gumgum.com
6 ib.adnxs.com 5 redirects pt.ldplayer.net
6 ads.pubmatic.com pt.ldplayer.net
ads.pubmatic.com
stpd.cloud
ads.us.e-planning.net
rtb.gumgum.com
5 a.audrte.com 4 redirects ssbsync.smartadserver.com
5 pixel-sync.sitescout.com 5 redirects
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 ups.analytics.yahoo.com 4 redirects setupad-d.openx.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 u.4dex.io pt.ldplayer.net
ads.pubmatic.com
ssbsync.smartadserver.com
4 8proof.com googleads.g.doubleclick.net
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
ads.pubmatic.com
4 hm.baidu.com pt.ldplayer.net
4 encdn.ldmnq.com pt.ldplayer.net
4 play-lh.googleusercontent.com pt.ldplayer.net
4 securepubads.g.doubleclick.net pt.ldplayer.net
securepubads.g.doubleclick.net
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
3 i.liadm.com 3 redirects
3 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
3 api.retargetly.com 1 redirects s.e-planning.net
api.retargetly.com
3 sync.1rx.io 3 redirects
3 sync.e-planning.net ads.us.e-planning.net
rtb.gumgum.com
3 ssp.disqus.com 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 ad.turn.com 3 redirects
3 eb2.3lift.com 1 redirects ads.pubmatic.com
ads.us.e-planning.net
3 widget.eu.criteo.com 2 redirects ads.pubmatic.com
3 dis.criteo.com 3 redirects
3 bh.contextweb.com 3 redirects
3 match.sharethrough.com 2 redirects pt.ldplayer.net
3 aax-eu.amazon-adsystem.com 2 redirects pt.ldplayer.net
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 www.google.com pt.ldplayer.net
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 accounts.google.com apis.google.com
pt.ldplayer.net
www.gstatic.com
3 bat.bing.com pt.ldplayer.net
tagan.adlightning.com
3 secure-assets.rubiconproject.com 3 redirects
3 www.googletagmanager.com pt.ldplayer.net
www.googletagmanager.com
3 prebid.a-mo.net stpd.cloud
pt.ldplayer.net
3 apis.google.com ldcdn.ldmnq.com
apis.google.com
2 sync.smartadserver.com 1 redirects api.retargetly.com
2 retargetly-match.dotomi.com 2 redirects
2 cm.mgid.com 2 redirects
2 creativecdn.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pdp-service.retargetly.com pdp-cdn.retargetly.com
2 rtb.gumgum.com ads.us.e-planning.net
rtb.gumgum.com
2 bcp.crwdcntrl.net ads.pubmatic.com
api.retargetly.com
2 thrtle.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 2 redirects
2 ums.acuityplatform.com 1 redirects api.retargetly.com
2 idsync.rlcdn.com setupad-d.openx.net
ads.pubmatic.com
2 id.rlcdn.com 2 redirects
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 prebid-match.dotomi.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects stpd.cloud
2 onetag-sys.com pt.ldplayer.net
ads.us.e-planning.net
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 um.simpli.fi 2 redirects
2 b1sync.zemanta.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
rtb.gumgum.com
2 ssbsync.smartadserver.com 1 redirects pt.ldplayer.net
2 csm.us.criteo.net ads.us.criteo.com
2 dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 u.openx.net 1 redirects stpd.cloud
2 s.yimg.com pt.ldplayer.net
s.yimg.com
2 connect.facebook.net pt.ldplayer.net
connect.facebook.net
2 i.clean.gg cadmus.script.ac
2 rtb.openx.net 1 redirects stpd.cloud
2 script.4dex.io stpd.cloud
script.4dex.io
2 mug.criteo.com pt.ldplayer.net
2 id5-sync.com stpd.cloud
2 gum.criteo.com 1 redirects
1 sync.teads.tv api.retargetly.com
1 cms.analytics.yahoo.com 1 redirects
1 tags.bluekai.com 1 redirects
1 tg.socdm.com 1 redirects
1 server.cpmstar.com 1 redirects
1 r.casalemedia.com ssum.casalemedia.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 i6.liadm.com ssum.casalemedia.com
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 pdp-cdn.retargetly.com api.retargetly.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.adkernel.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 synchroscript.deliveryengine.adswizz.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz ads.pubmatic.com
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.mathtag.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 i.e-planning.net ads.us.e-planning.net
1 sync.colossusssp.com 1 redirects
1 cookies.nextmillmedia.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 us.shb-sync.com 1 redirects
1 us.ck-ie.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.admanmedia.com ads.us.e-planning.net
1 sync.crwdcntrl.net 1 redirects
1 pixel.sitescout.com 1 redirects
1 setupad-d.openx.net stpd.cloud
1 node.setupad.com stpd.cloud
1 prebid.adnxs.com pt.ldplayer.net
1 dmp.adform.net 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 p.rfihub.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb.va.us.criteo.com googleads.g.doubleclick.net
1 ce.lijit.com pt.ldplayer.net
1 hb.yahoo.net pt.ldplayer.net
1 syncv4.intentiq.com pt.ldplayer.net
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com pt.ldplayer.net
1 ssbsync-global.smartadserver.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 www.facebook.com pt.ldplayer.net
1 cdnjs.cloudflare.com ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 www.gstatic.com accounts.google.com
1 sp.analytics.yahoo.com pt.ldplayer.net
1 ads.us.criteo.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 lb.eu-1-id5-sync.com stpd.cloud
1 cm.adform.net pt.ldplayer.net
1 apipt.ldplayer.net ldcdn.ldmnq.com
1 cadmus.script.ac script.4dex.io
1 fastlane.rubiconproject.com stpd.cloud
1 bidder.criteo.com stpd.cloud
1 hbopenbid.pubmatic.com stpd.cloud
1 mp.4dex.io stpd.cloud
1 prg.smartadserver.com stpd.cloud
1 adx.adform.net stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 cdn.jsdelivr.net stpd.cloud
1 stpd.cloud pt.ldplayer.net
1 pt.ldplayer.net
0 sync.richaudience.com Failed ads.us.e-planning.net
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cdn.8proof.com Failed 8proof.com
473 189
Subject Issuer Validity Valid
*.ldplayer.net
Amazon RSA 2048 M01		 2023-09-09 -
2024-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
stpd.cloud
E1		 2023-10-18 -
2024-01-16		 3 months crt.sh
*.ldmnq.com
Amazon RSA 2048 M02		 2023-09-10 -
2024-10-08		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-17 -
2023-11-15		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2023-12-27		 2 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-01 -
2023-12-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-04-17		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.8proof.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-29 -
2024-02-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2023-12-17		 3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-16 -
2024-01-18		 3 months crt.sh
*.rtbrain.app
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
node.setupad.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ads.us.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.retargetly.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-30 -
2023-12-23		 a year crt.sh
va-ad-exch-dev-eks.dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M03		 2023-08-14 -
2024-09-11		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.acuityplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-04-13 -
2024-05-14		 a year crt.sh

This page contains 81 frames:

Primary Page: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Frame ID: 05AD978E93DE6C54C12795AF413F8EDC
Requests: 165 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html
Frame ID: 44E6F2BAB4F62434BEE572BBC7E1E80A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: A0E911CA861DE90FCB947590A2B9B40D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Frame ID: 413E0413B9DFEC64954C3DA442D01634
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&adk=1812271804&adf=3025194257&lmt=1699383898&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897693&bpp=1&bdt=1210&idt=441&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=455
Frame ID: BFA71B95CB54B990834D60F30208F0BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Frame ID: 6BE513E760F0A98FE8861A0E0F8D102D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Frame ID: F1C58193B0A9DD0791315F41643E5CCA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Frame ID: 4D54B004D7836DC3C80BB27C1A401C20
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Frame ID: 422E75F2C032F67CB286C61EFC99C074
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=1618680683&adk=3631052741&adf=3360100671&pi=t.ma~as.1618680683&w=346&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897699&bpp=1&bdt=1216&idt=484&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280%2C346x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=xfBwqfIXIa&p=https%3A//pt.ldplayer.net&dtd=492
Frame ID: E27F69E260A5275B671BFFFE8B31B77A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 971D925BFEDBA9B86EA27FA0F5EAB830
Requests: 4 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 6F7BE83F03232734F0F0C64AC965AEF3
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Frame ID: C9A88F12E3FEDDE9F3C32F966BC906A9
Requests: 29 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: A23905C3B6185A094B98F50B570B958C
Requests: 26 HTTP requests in this frame

Frame: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55E41A7DBA4B88E43E3A382179FBAC8B
Requests: 1 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=667055444829&ctd=10034&crid=3255&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8oQmWopKZf3jFsGKvPIP8uqgIPqPheZtoIOoxa0NwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEogJP0HWpyl9EBZoLJBDRhcPNa-b0KsvZehQwAkXqEqLDtbzH-0XDxhLS31WBoSitEgeZAbLl1EBtAi_hWQvkJwFPOno-TVBRqlqnfKJuwKPRlFffffTQ-tknH26VzbV5Bx_UGcD8P02esK-tT9JuXC5oNZJJKooTGhps3Tm8FZCRMPW_v_KspzUVdSR_GvRvail8hAZKWwFaoJV4hRKbF25nADCeF3MmdJG4xSFbYzPj7daEyP7dxMfrLz6khZhj9fbYe9DEfHeoIzPXxVyejs0AXY2lyHT0Ic2t3E9xWiKOLG6gD_lmTwiddv6xviS_YnoCgsSCE2M0FowQ4pRgFdkFX6s4TUp1XuN9ZjhdpvaLT94Rx2Kt5wu2kJ3YcNos0GQE5IAGl7jg4of07aumAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1PhKRWGvLR7rTV0Ncb_WDIwItRXA%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWgAFsf0ITwVBAAg1cheCfmYZeIqrsGo97w
Frame ID: 2C08704E44D5672E4A2376871E1288D7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C4yRTWopKZf3jFsGKvPIP8uqgIPqPheZtoIOoxa0NwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEnwJP0HWpyl9EBZoLJBDRhcPNa-b0KsvZehQwAkXqEqLDtbzH-0XDxhLS31WBoSitEgeZAbLl1EBtAi_hWQvkJwFPOno-TVBRqlqnfKJuwKPRlFffffTQ-tknH26VzbV5Bx_UGcD8P02esK-tT9JuXC5oNZJJKooTGhps3Tm8FZCRMPW_v_KspzUVdSR_GvRvail8hAZKWwFaoJV4hRKbF25nADCeF3MmdJG4xSFbYzPj7daEyP7dxMfrLz6khZhj9fbYe9DEfHeoIzPXxVyejs0AXY2lyHT0Ic2t3E9xWiKOLG6gD_lmTwiddv6xviS_YnoCgsSCE2M0FoxS4LXy6l6yChaPULGGTCCmFxhXcP-lV2v3LHBuNqyfvIUl0nV5bYAGl7jg4of07aumAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=XSxVfb75Bvg&uach_m=[UACH]&cid=CAQSTgDICaaNFxVPCOWFxk7mtgn6Uq8WwmkImQkQVMR5Z5aURx4n7bkXoDV8rc1CYFR33DYS3g1U5YG6EQAHQ3jSWtgBB3iLetHEocP7mUaZVxgB&cbvp=2&vis=1
Frame ID: E3BC335FCAE2C8866F026F83D808330A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Frame ID: 855AA4AFDCE608ED3525B4A4C33EE9CC
Requests: 4 HTTP requests in this frame

Frame: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C67854BD2C5F95F40355EE9401EBC55
Requests: 11 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: CC63D90F49E115681DB4849FFFCF5ADA
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&redir=true&gdpr=0&gdpr_consent=
Frame ID: 848F5162F2C2C39A9F34A8929FC6A6EB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEAY07KlRUAABgYSJpUAA&gdpr=0&gdpr_consent=
Frame ID: 010AD3752AE15FCA13FCC0D00D37D21F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8535176339462545458&gdpr=0&gdpr_consent=
Frame ID: 99BE4ED804D870E3BC7220DECD939DFE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 121C0BF873DB3EBAA83FA12E2C3D149C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 2214CF8901D9F031692B50208DA6ABE5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS
Frame ID: 1F61014A3811444B3C264AF1B458C5C3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 34CDA6F0764CDFF5AC0D6B95E49FA701
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=4&user_id=86adf3bc-f61d-4c58-82e9-c095d82e2d82&ssp=pubmatic&expires=30&user_group=5&bsw_param=a2f84e17-eabd-4b63-ae9f-0af633f7c096
Frame ID: AB100E6BC5C5E994C4F6E8A4B8A0DA8C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567267103198
Frame ID: F63D7F6710CC52E456135FE2C4A26B8B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NdFSG_awX7d9lWW1RwkgoSaEdkM&gdpr=0&gdpr_consent=
Frame ID: FB432926733E98896353C39F6AA09407
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8USqmKUP1R0rnK5&gdpr=0&gdpr_consent=
Frame ID: 1802B0D54326A27EB8780E286A28031B
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: E9E1C8897A660E702773DE2BF6499854
Requests: 1 HTTP requests in this frame

Frame: https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F4A9C634E635ED18BC0C8A98608B6E3D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E39B151AB546CD71460E604F3B40B6F2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd9f478c13e074b899e9772f33fa9186e
Frame ID: D5463E69EB95E8F2F97E3CE4F96132CA
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 085C5CFB4CED5703C7F28E5387252F1B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 539F20C01BE2E7E5D2587C4C21D4B8F0
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 15B275D21A69C341BFCF70BB865CC96A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Frame ID: D305E4FC1559E770F377047CE0A58EB5
Requests: 6 HTTP requests in this frame

Frame: https://8proof.com/app/rtbmarkup/5111?id=667055347494&ctd=10034&crid=3265&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzBIXW4pKZauECOrHjvQPjOCG-A36j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQngAgCoAwHIAwKqBN4CT9B68xkcOn9JFjhUQ0gp0lUFddAuyam2ntX0UO9K3ChAMdWMJboS0ujXvurd4SKRb5U4IDeOcYAGknsE5PAvMJTqnInmiAHU30M-IkK34LFgn_mfHO8l6q0BuNIiw39sLX7sfGaz_4awJxJ8TYrRp9xeGHMrpMu8erf8tbw3un9asd0a00CXwYOBsTdqoRrzrWzdiQcQccYypwZ3FrljuR6GrRzUaPkqzcVZIpyvnqXd_-wDmhvIkZ7OxdZKWbwSz7kCPinP_l3JgKTz97j1e5XT8NMNM93eIsLDRKBOMAbU5XL7H_tqbIANk2RMWiBkkmGNPRFv0C3au9QUT4NU7WN-xI4z7h3HSqc_gKRqMWEnhjBTRUclyigz90kqi4qJVNRNjWlKnSO5AIs-OPYJDxDf0t6_e6atgv-Ku4yWcuh7ML8m9JWy4dO4Xd3HyPKfpc56gRxyxBhAcIM2Yw7gBAGABrqNrPqzkODjhAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3-dOdNMwX8h01b7bPnGkGW_1wVpQ%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWwACAisIg6PqAAGwDJKMB94oj9IFv0kjBA
Frame ID: D7E462D14EBA040FA6789461FA49B7CF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: FD56654B26C79C409C2857E8AAA62A23
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 6A2B55FA00CDA9CDEF030730574B7C25
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: D494C781FC08BCF4742C478C5235B0AD
Requests: 20 HTTP requests in this frame

Frame: https://setupad-d.openx.net/w/1.0/pd
Frame ID: 4426C9D57037FB7B5B80F9D88A946CEA
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B7D9AEEE0160F42C6E08F8CC2D5CA343
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 7003A77F862668B2267DDC672102E80B
Requests: 9 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 9FE9E39CB8BDED7C7CC08B2197EAA9BC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: 7B492E626DFC37F961CA9AA437E3501D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De6152164cc48dbeb%26uid%3D
Frame ID: C2A5DD3E7E113E516B154B4D037BD1E2
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Frame ID: 075B11725415F8A8F29DB6BC97C98117
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: A6FC2606D0843A876982D7ACDB28D45F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=849493170895
Frame ID: FFE48EF702F7F445034A85B2C37D2AB2
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6A8BBA82B2418CEC2C25C07406920C7D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B45991D1E43958B2EBB9EF315022DB86
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=NjMTF2HkCMuEVA_fX4pKZQ
Frame ID: 58C354C9FF15D2AA4DA4B4FD320AF712
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81a6654a-8a5e-4d00-af2b-340b7a0224a0&gdpr=0&gdpr_consent=
Frame ID: 78D1D739871785B5EA159C0D1A93409F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-add83cde-e0e9-4729-ab81-c991e1728845-005
Frame ID: FF962602ABC775F1B56F2D2600EDC1C6
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: EAB87D6D2D1C4C488AE668D22FF30971
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7E3D7ABE7768982423E5FF303619A934
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7526703031263288345
Frame ID: BD118F4C4BD9DB1562599A417CA295EB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7&gdpr=0&gdpr_consent=
Frame ID: 8ABB5EB92B259941659D89C29118AE07
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 3A198F18E79C53D940CCBA80C526DE8F
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=e6152164cc48dbeb&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 61AE2AA4734E08A775D45919CAB9B3CE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 76CB901D94992B4D77A8ECD3A61F829E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Frame ID: C3602BA5C240913A86D0F4B6BDE90B12
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 389337BBE28A3130572993F73A7213AD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3De6152164cc48dbeb
Frame ID: 13F01421952841070ABB4FDFCC193F4A
Requests: 1 HTTP requests in this frame

Frame: https://prebid-stag.setupad.net/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=APwi04KbDKg7aG4d
Frame ID: 7FD4FF7749E56819F223781F403B241E
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Frame ID: 4D9D8C39C7D0BC42DDF664566CCE0166
Requests: 15 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=246106710764278111&gdpr=&gdpr_consent=
Frame ID: 4FA5B864D78D97FFC5D539672E7FB98F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hMjk5NTVjMC1lZTMxLTQ2NzYtODNhMi1mM2ZlZWRkZWQwYzk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: B96A12F4596FCF845A40258A8A0BB4B3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 10CC510B67422C0B78F1E3758E26802C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: C248043ADB8B70D186083270BC621099
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZUqKX8Co8YIAAGWMRmEAAAAA
Frame ID: 935F6B779E4F8C637E7777CFA1437FC6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=evf0fyk3ylCPC5BhJDcI&pi=gumgum&tc=1
Frame ID: 30FC0526BEF188C892A5BBD4BAE35D13
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 41C118FCEBC0AC90349960C0BEABAB4C
Requests: 4 HTTP requests in this frame

Frame: https://prebid-stag.setupad.net/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 56C05D01A571EA3644335665D0334E9A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 92B9561A28BCBFE34B16708D0A97B742
Requests: 1 HTTP requests in this frame

Frame: https://prebid-stag.setupad.net/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: C76E1E5AF1BD36991E2EAE4AF0952805
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 933485068C64C012107EC28B45723254
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=e6152164cc48dbeb&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Frame ID: 02C151B2901370B4E71C7FF043A087A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Baixar Financiamento Lojista para PC - LDPlayer

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

473
Requests

81 %
HTTPS

29 %
IPv6

116
Domains

189
Subdomains

121
IPs

11
Countries

15693 kB
Transfer

21703 kB
Size

193
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.ldplayer.net%2F&domain=pt.ldplayer.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Me66vnwycE8xVm0ydUtSMTNFMW1OeXR6NERKYzJEd1dPbS9UaWpVSURGVWM0K0toZjdtcUhkS1BHZVE0cWc0VVhOeFJEemMrSnltNCsrNEtsbTRTTTJKZGg0WHB3NjBQUmEyTFhvbUtpMHJrYUp6T3kvbGxzVEZwbDFOa2tmdDh4S3A5UmpxY0FvcE4wRVZVeUp1Tk0rY0h3dHlOMDA2ZjdRNUZHUVN2ZDFjd2JLL0t0SG53enlKWFVqdFpiU3RQcDBQT0lMSHZoSjFCK1dNejB5eFZTQmxLV0F0aWYwVGxHRTYxL3dNQmNFemhMd0JNPXw&cppv=2
Request Chain 98
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 161
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Request Chain 185
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZUqKWwACDSK4-gBH HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUqKWwACDSK4-gBH&_test=ZUqKWwACDSK4-gBH
Request Chain 187
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e81fc5cc-2296-8b97-af23-69ae1659b69c HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e81fc5cc-2296-8b97-af23-69ae1659b69c&dcc=t
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJpRFoFzPoL2j_jW1WxayDc&google_cver=1
Request Chain 241
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LOOPANM3-1W-DN8V HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Request Chain 250
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&f=i&uid=5030548864787626141
Request Chain 253
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOOPANM3-1W-DN8V
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo8NiaDlGzb5EhFWPgABLQ&google_cver=1
Request Chain 255
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9PUEFOTTMtMVctRE44Vg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKuvk-P0K2Fhh2gaDG8P9qs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9PUEFOTTMtMVctRE44Vg==&google_push=
Request Chain 256
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sTYZsXRXT4mWhWrlwAZkrA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sTYZsXRXT4mWhWrlwAZkrA
Request Chain 257
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU4M2QxZGRkODRhZjU3ODdkMmFmMDk1MjYzYzBmNTNiMDlhOTgyZA
Request Chain 258
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IflcncUcTpGEiSbwC39oBQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IflcncUcTpGEiSbwC39oBQ
Request Chain 260
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Nqb9teZ4RXBPfoTay9f-mMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-h.v66FxE2oIFikz4Hgte7yvdhU349jjb.BeIDw--~A
Request Chain 261
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG1Qk7KlRUAABik1x1ecw&expires=30
Request Chain 262
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOOPANM3-1W-DN8V HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V&ripv6=2001:550:1d05:1::6
Request Chain 263
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOOPANM3-1W-DN8V&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOOPANM3-1W-DN8V&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NamxyZE90RTJ1RjZlUmp6WjhONy5tdVFnUzBSV0dGTn5B&ovsid=LOOPANM3-1W-DN8V&dpid=58160
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Request Chain 265
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOOPANM3-1W-DN8V
Request Chain 266
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOOPANM3-1W-DN8V
Request Chain 267
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOOPANM3-1W-DN8V
Request Chain 268
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOOPANM3-1W-DN8V
Request Chain 296
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFQVkwN0tsUlVBQUJnWVNKcFVBQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEAY07KlRUAABgYSJpUAA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEAY07KlRUAABgYSJpUAA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEAY07KlRUAABgYSJpUAA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3881927734840604943&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEAY07KlRUAABgYSJpUAA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D3881927734840604943%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=3881927734840604943&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEAY07KlRUAABgYSJpUAA&gdpr=0&gdpr_consent=
Request Chain 297
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8535176339462545458&gdpr=0&gdpr_consent=
Request Chain 300
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS
Request Chain 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a2f84e17-eabd-4b63-ae9f-0af633f7c096&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a2f84e17-eabd-4b63-ae9f-0af633f7c096&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=86adf3bc-f61d-4c58-82e9-c095d82e2d82&ssp=pubmatic&expires=30&user_group=5&bsw_param=a2f84e17-eabd-4b63-ae9f-0af633f7c096
Request Chain 303
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567267103198
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NdFSG_awX7d9lWW1RwkgoSaEdkM&gdpr=0&gdpr_consent=
Request Chain 305
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8USqmKUP1R0rnK5&gdpr=0&gdpr_consent=
Request Chain 306
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bde329a8-225d-46fd-a117-303b5fe92031&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Request Chain 307
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Request Chain 308
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 309
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd9f478c13e074b899e9772f33fa9186e
Request Chain 311
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ucABW1t9TCG0WIn0Gu6iGg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 314
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
Request Chain 316
  • https://eb2.3lift.com/xuid?mid=7976&xuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlDMDAxNUItNUI3RC00QzIxLUI0NTgtODlGNDFBRUVBMjFB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDRsMHxHXBIZM65na8PTg8w&google_cver=1
Request Chain 319
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7
Request Chain 321
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CvgqiY9E2uWHgw2jXs8MA4NTd7NN67w-~A&gdpr=0
Request Chain 323
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5b0b922c-4fcd-406b-ad52-cec24283a804&gdpr=0&gdpr_consent=
Request Chain 324
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f1c272eaad813b2&is_secure=true&networkId=17100&version=1&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG_03d9j3tdANG9AvfAAAAAAA&expiration=1699470300&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 326
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
Request Chain 327
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10BC9ACF0_6CFAB714&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 328
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 329
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6341650345889727555
Request Chain 346
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=246106710764278111&gdpr=0&gdpr_consent=
Request Chain 347
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=05026310-4ddb-4e70-ba8c-de300203a5ce&gdpr=0&gdpr_consent=
Request Chain 348
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmMzYnJ0WUZSUC1TQWFNd01hbjhmMjZ6QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZjM2JydFlGUlAtU0FhTXdNYW44ZjI2ekEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZjM2JydFlGUlAtU0FhTXdNYW44ZjI2ekEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZjM2JydFlGUlAtU0FhTXdNYW44ZjI2ekEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=246106710764278111&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZjM2JydFlGUlAtU0FhTXdNYW44ZjI2ekEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=fc3brtYFRP-SAaMwMan8f26zA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=3881927734840604943&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 349
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=01e63dec-3715-4222-968a-585ad2f1898b&gdpr=0
Request Chain 355
  • https://pixel.rubiconproject.com/sync.php?p=prebid HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Request Chain 361
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Request Chain 368
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3De6152164cc48dbeb HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Deeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553%26partner_url%3Dhttps%253A%252F%252Fu-iad04.e-planning.net%252Fum%253Fuid%253Deeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553%2526dc%253D0abbcb4eba840e59%2526fi%253De6152164cc48dbeb HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3Deeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553%26dc%3D0abbcb4eba840e59%26fi%3De6152164cc48dbeb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&dc=0abbcb4eba840e59&fi=e6152164cc48dbeb
Request Chain 369
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3De6152164cc48dbeb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=7MoAH4HihgZs&dc=66b7ef4184d94c10&fi=e6152164cc48dbeb&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 372
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De6152164cc48dbeb%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e6152164cc48dbeb&uid=8917367e-87a3-0384-04a1-2b2cff31bff1
Request Chain 374
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3De6152164cc48dbeb%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2bf5355b4fb8145d&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3De6152164cc48dbeb%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=e6152164cc48dbeb&uid=AAAFnoULCq24KANFEAFUAAAAAAA&expiration=1699470302
Request Chain 376
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De6152164cc48dbeb%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=e6152164cc48dbeb&uid=8535176339462545458
Request Chain 377
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3De6152164cc48dbeb%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=e6152164cc48dbeb&uid=09d951eb-14e5-4040-b7bf-fef7ebc8a175
Request Chain 378
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3De6152164cc48dbeb%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS01YzYzOGNiZi1kOGNiLTMxOWEtOWI3Yy04YmZhZWMwOTE5Y2IQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZTYxNTIxNjRjYzQ4ZGJlYiZ1aWQ9dWEtNWM2MzhjYmYtZDhjYi0zMTlhLTliN2MtOGJmYWVjMDkxOWNiMgIeHzgB%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=30&buyeruid=327e263b1a8fc3b7d7e9bc854506dffd130a44f85d4a671dc4e2c31335c1b053&r=Cid1YS01YzYzOGNiZi1kOGNiLTMxOWEtOWI3Yy04YmZhZWMwOTE5Y2IQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZTYxNTIxNjRjYzQ4ZGJlYiZ1aWQ9dWEtNWM2MzhjYmYtZDhjYi0zMTlhLTliN2MtOGJmYWVjMDkxOWNiMgIeHzgB&gdpr=&gdpr_consent= HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS01YzYzOGNiZi1kOGNiLTMxOWEtOWI3Yy04YmZhZWMwOTE5Y2IQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZTYxNTIxNjRjYzQ4ZGJlYiZ1aWQ9dWEtNWM2MzhjYmYtZDhjYi0zMTlhLTliN2MtOGJmYWVjMDkxOWNiMgIeHzgC%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.disqus.com/match?bidder=31&buyeruid=ee1a5f8a-b8b2-4d5b-8213-560448da5011&r=Cid1YS01YzYzOGNiZi1kOGNiLTMxOWEtOWI3Yy04YmZhZWMwOTE5Y2IQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZTYxNTIxNjRjYzQ4ZGJlYiZ1aWQ9dWEtNWM2MzhjYmYtZDhjYi0zMTlhLTliN2MtOGJmYWVjMDkxOWNiMgIeHzgC&gdpr=&gdpr_consent= HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=e6152164cc48dbeb&uid=ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb
Request Chain 379
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=01e63dec-3715-4222-968a-585ad2f1898b&dc=769fefa8321c94fb&iss=1
Request Chain 380
  • https://cs.krushmedia.com/ec2cf90fdaaf74e7d94341d9392b3202.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Df343cd610dc2b771%26fi%3De6152164cc48dbeb%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=e6152164cc48dbeb&uid=23525b4e-c7f6-4fa9-beef-73312e8376ce
Request Chain 381
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3De6152164cc48dbeb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=e6152164cc48dbeb
Request Chain 382
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3De6152164cc48dbeb HTTP 302
  • https://u-iad04.e-planning.net/um?uid=3d96c5ae-073d-481d-a742-c3fa3cd62515&dc=d015773253e1640b&fi=e6152164cc48dbeb
Request Chain 383
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 385
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Request Chain 389
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
Request Chain 392
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=e50fc6d7-f37b-060d-3054-6bca47f11ca4 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZTUwZmM2ZDctZjM3Yi0wNjBkLTMwNTQtNmJjYTQ3ZjExY2E0EAAaDQjelKqqBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGGDLq5OrQvQc_n0YK728TU&google_cver=1
Request Chain 393
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8535176339462545458
Request Chain 394
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 395
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=849493170895
Request Chain 397
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 398
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=NjMTF2HkCMuEVA_fX4pKZQ
Request Chain 399
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81a6654a-8a5e-4d00-af2b-340b7a0224a0&gdpr=0&gdpr_consent=
Request Chain 400
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1699383902750 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7297234038 HTTP 302
  • https://sync.1rx.io/usersync/turn/3053997380392811454?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-add83cde-e0e9-4729-ab81-c991e1728845-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-add83cde-e0e9-4729-ab81-c991e1728845-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-add83cde-e0e9-4729-ab81-c991e1728845-005
Request Chain 403
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7526703031263288345&uid=Q7526703031263288345&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7526703031263288345
Request Chain 404
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7&gdpr=0&gdpr_consent=
Request Chain 405
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ebd058-dc15-4a85-96a8-3b2ff0558d22
Request Chain 410
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b43379e2-5a17-4dd3-a52b-ea400da091a2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 427
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LOOPANM3-1W-DN8V HTTP 302
  • https://sync.e-planning.net/um?uid=LOOPANM3-1W-DN8V&dc=9bcc91305985f0db&iss=1
Request Chain 429
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform= HTTP 302
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUqKXnUCjW_io7mK5mrXYgAAEZQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBPuYaZg_Qg6VHXVd7Tgvpc&google_cver=1
Request Chain 431
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUqKXnUCjW-io7mK5mrXYgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEWGqCyT5o235UBGY9Xk6NI&google_cver=1
Request Chain 432
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUqKXnUCjW-io7mK5mrXYgAA%264500&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUqKXnUCjW-io7mK5mrXYgAA%264500&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8c17a9933fca4e53b88588d2a0c5cd63 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eT2IVkxOIjvDxuGHY9Qs_uFepepKi7BtfJ2vng HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eT2IVkxOIjvDxuGHY9Qs_uFepepKi7BtfJ2vng
Request Chain 434
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8535176339462545458
Request Chain 435
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
Request Chain 436
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=246106710764278111&expiration=1700593503
Request Chain 441
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8535176339462545458
Request Chain 442
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_a29955c0-ee31-4676-83a2-f3feedded0c9&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=a2f84e17-eabd-4b63-ae9f-0af633f7c096&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=qNuR6_R7GaLfb1TDGCI-0
Request Chain 443
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=47f41dc1-1629-083b-0856-fbd4b63a7c3a
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-35d1521b-f6b0-5fb7-7d95-65b5470920a1$ip$38.132.118.67
Request Chain 445
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-odZY8itE2pc6weLBdYeBQ2xlGF.SfF5hYrPy~A
Request Chain 446
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5b0b922c-4fcd-406b-ad52-cec24283a804
Request Chain 448
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_a29955c0-ee31-4676-83a2-f3feedded0c9&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 449
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=7MoAH4HihgZs&ev=1&pid=558355
Request Chain 450
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3881927734840604943
Request Chain 452
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=246106710764278111&gdpr=&gdpr_consent=
Request Chain 456
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUqKX8Co8YIAAGWMRmEAAAAA
Request Chain 457
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=evf0fyk3ylCPC5BhJDcI&pi=gumgum&tc=1
Request Chain 458
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 462
  • https://cm.mgid.com/m?cdsp=712808&adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70&cdsp=712808&sct=1 HTTP 302
  • https://app.retargetly.com/sync?sid=na739m9Zsg5b&pid=70
Request Chain 463
  • https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa HTTP 302
  • https://retargetly-match.dotomi.com/match/bounce/current?DotomiTest=343c5d5df3f3129e&is_secure=true&networkId=95012&version=1&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa HTTP 302
  • https://app.retargetly.com/sync?pid=72&sid=AAAF4gVxR9kp1ANwUQctAAAAAAA&expiration=1699470303&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&is_secure=true
Request Chain 464
  • https://tags.bluekai.com/site/28347?limit=0&id=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9 HTTP 302
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Request Chain 465
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&_rand=1699383903369 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=MjBmYTZlNTctYjkzYy00YzVlLWI5MDAtMjk1YmY4ZThkNGZh&google_cm HTTP 302
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEGbETM8XvlOn7uOVtiHKlX4&google_cver=1
Request Chain 467
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
  • https://app.retargetly.com/sync?sid=8535176339462545458&pid=2
Request Chain 468
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY HTTP 302
  • https://app.retargetly.com/sync?pid=22&sid=y-W0HDl5NE2oIx0Y97xHmav5x8xTeQVidMsro-~A
Request Chain 469
  • https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23 HTTP 302
  • https://app.retargetly.com/sync?sid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&pid=23
Request Chain 470
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
  • https://app.retargetly.com/sync?pid=14&sid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Request Chain 473
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOOPANM3-1W-DN8V HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOOPANM3-1W-DN8V

473 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request financiamento-lojista-on-pc.html
pt.ldplayer.net/games/ 		332 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-93.iad89.r.cloudfront.net
Software
nginx/1.6.1 /
Resource Hash
fb6463e6dac6043ec3340b21358a8d0acd6704e866009f44e863415cc590f4cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:04:56 GMT
etag
"53108-x3ZL1Kvr/4TFib+omwVz3BDSZEo"
server
nginx/1.6.1
vary
Accept-Encoding
via
1.1 8ad5a9cbb864898c238f716c1a12623c.cloudfront.net (CloudFront)
x-amz-cf-id
1GmpdEIg-iy5pK1BhALNQBASXo7o4oL-poUrVUWXEM3Ul2sRFA4AsA==
x-amz-cf-pop
IAD89-C2
x-cache
Miss from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d35b5819bb578eca110d3eee756a7dfcbef9575d8904595b5f0754d499c933fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31057
x-xss-protection
0
server
cafe
etag
907 / 19668 / m202311020101 / config-hash: 6734597421168994444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:56 GMT
5893
stpd.cloud/saas/ 		452 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/5893
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d9a02148fd46c283e25951b57dfa1c3627020e633366fcf72f2679e1c15985

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 23:04:56 GMT
date
Tue, 07 Nov 2023 19:04:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 19:00:47 GMT
server
cloudflare
age
249
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8227d849db1731ea-MIA
stpdhash
cache
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64510d72a8108e9a45ec55fed2854fd795ed43f91593076201f4bc723f08b7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52063
x-xss-protection
0
server
cafe
etag
17189565538180331161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:56 GMT
logo.deeb2ee.webp
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/logo.deeb2ee.webp
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
76ae36b1d89ff8a1eef04651ac0fd65cab6648127c13ccaf5346897ecdc41012

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 05:31:28 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6545D7280A93063435DCDFD4
content-md5
OF0+umdQPuaAtAMI9HUwgw==
x-amz-cf-pop
IAD79-C1
age
48808
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1888
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:56:55 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"385D3EBA67503EE680B40308F4753083"
vary
Accept-Encoding
content-type
image/webp
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10644451974219734452
x-amz-cf-id
OGJenQ3riCp1w2UPXDG9UCKVzTAZnQWohhWUkYDsvt_wwWqS26XbVw==
x-oss-server-time
31
logo-icon.7b3834c.webp
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/logo-icon.7b3834c.webp
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
f1b7ce4b79799fcb7699fdaf50b8d2412e6f35d4d5ff75de80024ea25f554f07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:31:32 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6545E53A43F9F8303611C527
content-md5
nboR4pqO6wZw6jc1bZ6Cyw==
x-amz-cf-pop
IAD79-C1
age
45204
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1701
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:56:53 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"9DBA11E29A8EEB0670EA37356D9E82CB"
vary
Accept-Encoding
content-type
image/webp
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7894321263549742069
x-amz-cf-id
fC6hYR8G09MQCUIFwnWMwbiSfMedEyWxGaJiKedd-sF50pIJ2QbkGQ==
x-oss-server-time
14
uneJe13zRiAWKN7d9UrlFFUjh9eSlH3eBNRI5IcZDlKhnPAxCMHFpyeVRWYEfhf78G4=w540-h302-rw
play-lh.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/uneJe13zRiAWKN7d9UrlFFUjh9eSlH3eBNRI5IcZDlKhnPAxCMHFpyeVRWYEfhf78G4=w540-h302-rw
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
474039b8a912be870e429a44768f19badc7c0883f84a0586b6723907edfeb5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6198
x-xss-protection
0
expires
Wed, 08 Nov 2023 19:04:57 GMT
jQ4ZxhLtninol8OaFqtuyfyRjWkNQf6CtyV4PRo1C_sR5jo1BxRQecH0gWslmbUDDQ=w540-h302-rw
play-lh.googleusercontent.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/jQ4ZxhLtninol8OaFqtuyfyRjWkNQf6CtyV4PRo1C_sR5jo1BxRQecH0gWslmbUDDQ=w540-h302-rw
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9b11ad6d818471c5f7cee16722caf233d195718fb25f47fbefff74c295d3ce09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4540
x-xss-protection
0
expires
Wed, 08 Nov 2023 19:04:57 GMT
Nnob0_-Ws3MeyNddREPSRzRyYF9hijSpxjpKs-yA4rTry3TWM2TWpyPe_DkBH4L8Jg=w540-h302-rw
play-lh.googleusercontent.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/Nnob0_-Ws3MeyNddREPSRzRyYF9hijSpxjpKs-yA4rTry3TWM2TWpyPe_DkBH4L8Jg=w540-h302-rw
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a1383e607a7bcf319a8e9bc71c7cbc40267ad0eac91bbab2f8b1a008e5423205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6890
x-xss-protection
0
expires
Wed, 08 Nov 2023 19:04:57 GMT
next-icon.png
encdn.ldmnq.com/gw/assets/images/05/gw-new/ 		171 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encdn.ldmnq.com/gw/assets/images/05/gw-new/next-icon.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:1a00:f:2cbf:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d3b6cb89347c29fdb61545172403ca507a1f9a6348648efd54e38f9375658898

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:38:23 GMT
via
1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront)
x-oss-request-id
65423751637FD23439F0797F
content-md5
Ijs7ygYPYO2Za3V3lHyCFQ==
x-amz-cf-pop
IAD55-P3
age
26942
x-cache
Hit from cloudfront
content-length
171
x-oss-object-type
Normal
last-modified
Wed, 23 Sep 2020 08:44:20 GMT
server
AliyunOSS
etag
"223B3BCA060F60ED996B7577947C8215"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9621270581342172303
x-amz-cf-id
Vk7WEduYfu9J_rz2ZZeB3H3SA0zL9Wd2FQRM2fwKw0E4cPljiNwxpA==
x-oss-server-time
1
video-icon-1-on.fcb997e.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-1-on.fcb997e.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6759feac786ffe41b6e09b347355c8448cd5fdb9d1d47152bffcf559de7bf55f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 05:33:10 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
65472913637FD230359B3518
content-md5
+G8Rg5DDUzyrMsBTUeNihg==
x-amz-cf-pop
IAD79-C1
age
48707
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1266
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:57:18 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"F86F118390C3533CAB32C05351E36286"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7867255543980928071
x-amz-cf-id
_BIRXCt3b3bWjWFAXX4XNIbPtY17MfSX-TOfByfSRL3zgRFt2qDbQg==
x-oss-server-time
2
video-icon-2.ea0059b.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-2.ea0059b.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
a43fca718a3f29d6c5817925ba0df5c686779c3cc6fc35a455ac6d15a2511476

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:58:57 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
65422F19048FEF3635C716E4
content-md5
MFUuEsdro/XfOQUbijuX7Q==
x-amz-cf-pop
IAD79-C1
age
29160
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1140
x-oss-object-type
Normal
last-modified
Tue, 31 Oct 2023 06:41:19 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"30552E12C76BA3F5DF39051B8A3B97ED"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8983550354238885516
x-amz-cf-id
SJS-pvgkLHvkp-XtzG2RLUgXAu4BWF6rhZY3m_0Gx6tGT7qmMdBC8Q==
x-oss-server-time
5
video-icon-3.f058df2.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-3.f058df2.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
0aac002679cc94de90bce1b283fc4a89647ca95badc0ae151138734cd81b7902

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:56:53 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
65489C3B7945F93433BE52D1
content-md5
Tp/l0E5Y3jh8Q9O/s0Kjyg==
x-amz-cf-pop
IAD79-C1
age
40083
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1160
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:57:19 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"4E9FE5D04E58DE387C43D3BFB342A3CA"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12458122828357538856
x-amz-cf-id
vebJwhd3YNL_QmryIZEAGcx97Tvpb7_Wr_03XopqwsdDL1QYeTCyng==
x-oss-server-time
14
small-flash.c3f5d03.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/small-flash.c3f5d03.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6a6df6fe5aaa5c369c636843224dfc70233fe476f1d1d9e7335101b8a4f64bdb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 05:33:53 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6547291A2319383037916234
content-md5
cV22JlaJCqZm8TrD2IWpww==
x-amz-cf-pop
IAD79-C1
age
48664
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5845
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:57:07 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"715DB62656890AA666F13AC3D885A9C3"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9832539087897576902
x-amz-cf-id
I5e1Ekkhk5L33ELtU-wlBTQ-klYvetYiLi7jgayFh0LYFU8zmFrStg==
x-oss-server-time
3
floor-jump-bg.3f5fc52.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/floor-jump-bg.3f5fc52.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
1d8b44b2c5eb04e7e7e2b859bcc9f213c6e9581638168f7d6fd86380a9b35d40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:17:00 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6542332D108AF53931CEB556
content-md5
LSa/AeUYcjMOSrDk63MvSw==
x-amz-cf-pop
IAD79-C1
age
28077
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
28101
x-oss-object-type
Normal
last-modified
Tue, 31 Oct 2023 06:41:06 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"2D26BF01E51872330E4AB0E4EB732F4B"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2023985084404361241
x-amz-cf-id
nKLBYaDqKOgBuzQ5_bn1n1felR9-hVcwJOKtpPVyarHcwyiMvR3hPg==
x-oss-server-time
5
132a7c3.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/132a7c3.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
e453077ebf0f5cf10cc975d322becbc3121c1998bf0f94b3cf5eabaea1cf0644

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:39:54 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654A13FAED08FF37330911F1
content-md5
ECDRsB7SbPTMhbS3+gerNg==
x-amz-cf-pop
IAD79-C1
age
30303
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 10:37:51 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13102877957882977344
x-amz-cf-id
18uDy3ThPKY9oCBCexYBdsiux3ftIz6abyniahHvR6FD3f45blOuoA==
x-oss-server-time
11
e0748d5.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		336 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/e0748d5.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
32c03a59d4544c78b10f643f2c34d73d186953061bd1d2df69d5679112a10c9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:32:20 GMT
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6545E55B108AF53236BF6974
content-md5
cOMBoY/LlgyP5L90Z5ka0w==
x-amz-cf-pop
IAD79-C1
age
45157
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
336
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:40 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"70E301A18FCB960C8FE4BF7467991AD3"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4972819634138540868
x-amz-cf-id
1dHvJ8QNjbmfYrJ-H2WKj9bBynBOARnM9ajHpX0Q2lPx9zgFGWpd6g==
x-oss-server-time
20
d8620e1.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/d8620e1.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
c9818f99b0e30da8dd46436953e1dfcf00f1c67e7671ccc7b0001702b3c826a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:19:48 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654A0F441E3C923430D3FEF8
content-md5
FmVJ7I37KniMQxiuJvOV0Q==
x-amz-cf-pop
IAD79-C1
age
31508
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 10:17:34 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10112676863034752867
x-amz-cf-id
s2saKJ3Uo7G0sg8TsA1uIsfXX-UuFwfflY7zpj8IqDMmEIBryNjXWg==
x-oss-server-time
4
cb88fff.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/cb88fff.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
a9b5cebe35dbb48bacdc4260be4a8aeed653e4b2ab6c02884400eab65d59908a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:32:33 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654753107945F93233BBF6D1
content-md5
P/yY6zymsX+u70aWJV9scg==
x-amz-cf-pop
IAD79-C1
age
37944
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:38 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"3FFC98EB3CA6B17FAEEF4696255F6C72"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1197759503871153642
x-amz-cf-id
qWY8mnW5ODwBIQ2CYh8H4u7ke0r0iJXGoEl1AjAORUZUupL_Zbueyw==
x-oss-server-time
4
cc0d7a5.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/cc0d7a5.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ad2a9c429cbc2eeff1fee9dbde9f1dc0ee5a9806b06205f81fca33ecff3ea28e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77FA05E363530A8109B
content-md5
Tx7/ivpxucLpDggClhSGkA==
x-amz-cf-pop
IAD79-C1
age
58074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:22 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
18424936658720026855
x-amz-cf-id
nePA5L3RwSZZXHp-yfCgqDpNIWS-AvUzJVVDg4-paZ4X4eYACXU0VQ==
x-oss-server-time
7
cc9ea6d.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/cc9ea6d.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6cf5c3825606c3a20ce5336747ba03bc4b8f8189fd66e64905d7af63348bcf40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:05 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A781CB36F93333905031
content-md5
JsVNtOE8oxcPiPID0KoXnA==
x-amz-cf-pop
IAD79-C1
age
58072
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:22 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4123630693034614491
x-amz-cf-id
bwzIdZ7ePQw35zi4ugpPMryQM1H9rbEZCqnHtKeiCCBQx-7jvA0Qpw==
x-oss-server-time
14
fbddfec.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/fbddfec.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b916de3b4d79f9586b879e88761bea89ae5a4529f70c321be40a69b9ee6eb1fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:04 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A7807859E43633482AA6
content-md5
koxExpCkSD6q6PDoLTixOw==
x-amz-cf-pop
IAD79-C1
age
58073
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:25 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11820916105621690591
x-amz-cf-id
08T2G-RIxsdk6jyKgqp4PK7m2Q7aZc2eA7S_8cwCtqSzJj97qI900g==
x-oss-server-time
2
5c5e769.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/5c5e769.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
077f56ae156f91774f40dc56d9addbca37bb19a8bdb3472876acb36538d8d3c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:00:02 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654607E3E702E23932AFF1FF
content-md5
bJGa3ME0bqffRRY4ESiPDw==
x-amz-cf-pop
IAD79-C1
age
36294
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:54:54 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"6C919ADCC1346EA7DF45163811288F0F"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9439156227093169685
x-amz-cf-id
r6cr1kM-AiIwP_HUA5WasER7wBt693UCyP2kpBrj8DZ1j2RN63xIhQ==
x-oss-server-time
3
4edee14.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/4edee14.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d6003a63c4a2770b126999dcbe6eaaec114af8c3b8d1b884124b07e6006b689c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:52:05 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549FAB572154E353197D342
content-md5
CL5MQkFfDY23HXoQ+JC+Hw==
x-amz-cf-pop
IAD79-C1
age
36771
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:40:56 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10464208952989332094
x-amz-cf-id
5z0fVWj4S3ELTba-pYkxg35zSqIfK63Fcvttm-oJZJ_tkLGxq7yGxQ==
x-oss-server-time
17
9d4b644.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/9d4b644.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ac9cd585667114f86a8ed7607625fdd8cedeeababd6516b649de5739fec1cdca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:02:38 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6545DE535ADBFC33343025AF
content-md5
mrxQD5jhIpBU2OUvKsDnvA==
x-amz-cf-pop
IAD79-C1
age
46939
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:10 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"9ABC500F98E1229054D8E52F2AC0E7BC"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15466470891167186967
x-amz-cf-id
sMnTntnufxhqCLscvvZQh5T1tathyVCQQLvwfkMFpK0PAP92Oe9K8w==
x-oss-server-time
1
c59f63c.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/c59f63c.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b9dd41d26a351f2c6b4fc0ac59e138c75b06740eb5152d86d84b53bce3219263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77F4FF14A38318FC080
content-md5
18tMi/wmfvDQvLDavSTZjA==
x-amz-cf-pop
IAD79-C1
age
58073
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:21 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3541343121224803773
x-amz-cf-id
qwVfY70epfe_lY9wZk1uTf067lDacFktNpoYzjc_ieGbDwPLp1L5hA==
x-oss-server-time
1
e834d46.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/e834d46.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6e5dca2717099d44f538f8c090e531774f2ad4fc1c935b2158d04da225c6f124

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:00:25 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
65472F69C05EDB3731E488B9
content-md5
NcLhcoTipIAXgOd745EvRQ==
x-amz-cf-pop
IAD79-C1
age
47072
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:43 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"35C2E17284E2A4801780E77BE3912F45"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11115481865930896488
x-amz-cf-id
T4kaJiHUD3ZHEj4mUp0_U0xdcKS6-QGy6DGMEN--6HGCwkHz7BCwyg==
x-oss-server-time
1
f2c6d1e.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/f2c6d1e.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
9a0e951cee522b4ab8feb102d4d262970985af4a7ba1ebf434926b81770c5aed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 00:44:59 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6546E58722435B373361893A
content-md5
R+7UAX4vqtcoEt/iZ4oayA==
x-amz-cf-pop
IAD79-C1
age
65998
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:47 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"47EED4017E2FAAD72812DFE2678A1AC8"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15977677750992581298
x-amz-cf-id
aMCcKPfN_2jvm-EwWfRna5jB72argzmIOXUgu6hqalutGro7BIKSKQ==
x-oss-server-time
1
a9286b4.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/a9286b4.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
f04db8faf23fc09e57dc875f295a32e3897cd2158e0e6cf824f80921fb4df09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:21:52 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654A0FC0E702E231373E2A2E
content-md5
pH6Zsq/c1M8vwmAqZyPwhQ==
x-amz-cf-pop
IAD79-C1
age
31384
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 10:17:30 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4480355038652566376
x-amz-cf-id
NKyNOd_eOazuVecOOHtKq7AuP30AW-4-KywCk4mKCRqx4HlCtApT3w==
x-oss-server-time
2
2b90a80.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/2b90a80.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d408aa65d7d24d320d73be3b6ddf6a3a9c1823c92d79b06a29fa0fe134a82707

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:42:04 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654A228C4005843331844BBF
content-md5
Qc2bhIwbeZyYvB29MREQ+w==
x-amz-cf-pop
IAD79-C1
age
26573
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 10:37:55 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4065338874759920802
x-amz-cf-id
5ooRJ7mKFKj66Rq_Jeml3v4BxD2KEZN40h4actuuqfxG7DfW-pyGcQ==
x-oss-server-time
1
eda34a9.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		77 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/eda34a9.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
1035d04932b70e39938ea6a55ca7df7689c18201396548b3c38894445ada2847

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:46:32 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654A0778C05EDB33322FD905
content-md5
e9qUQFj1WTzKwwjXcqhh3A==
x-amz-cf-pop
IAD79-C1
age
33505
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:41:10 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13111149963266647687
x-amz-cf-id
zFclsgIxVa8NiazWFNf2arxq1Pnj3bhXvIjuoQ_0NXwdXLD2R6Md1Q==
x-oss-server-time
2
91ac87c.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/91ac87c.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
368a0b9953c4d1be5708383dc8baa8d818ebb3cded0fbddeed5315658d4be6d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:30:27 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6542368E700FB13631472EAA
content-md5
t7Axmn48m9mqNvJg/vNg6w==
x-amz-cf-pop
IAD79-C1
age
27270
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 31 Oct 2023 06:40:51 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"B7B0319A7E3C9BD9AA36F260FEF360EB"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2943990609867627760
x-amz-cf-id
coNKGrJDptjP0QS3S6o4pscoi8OlKXkkI2IzK7eSEVsl3mY_z969hw==
x-oss-server-time
6
414ce69.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/414ce69.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
e4666d245cd4da4127e8a2ec30c9bd43bd40d40d24ae9eb0e323c485880aa10e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:31:48 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6545F35B75AAC537345F0D24
content-md5
/C4DQOwTYQVpzJXznI62Fg==
x-amz-cf-pop
IAD79-C1
age
41589
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:54:30 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"FC2E0340EC13610569CC95F39C8EB616"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8590598158943571952
x-amz-cf-id
yBN1c0lq7R3fCXW5WpcCmWp-WhBXK3CiEW-QNgQZj-ZemkZU0Taybw==
x-oss-server-time
5
f41bc26.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		128 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/f41bc26.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
3c30a93588ea8529d675744c18266953f8cc013d79d427d11531f01d0a6bb790

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:30:28 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6546010943F9F8303733F908
content-md5
Cj7ok8sTeQXtc39cUhqJEw==
x-amz-cf-pop
IAD79-C1
age
38069
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:48 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"0A3EE893CB137905ED737F5C521A8913"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
18210130878229461264
x-amz-cf-id
3KMUVi-GzfN_UgF-P8JcY9L3orhxed_tN3977Tnc259zp-IyOpzdGQ==
x-oss-server-time
5
a82274d.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/a82274d.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
2d8853644d036d7c26dd017558d46631da41deed6324f0c2d12065c4f4e2ddb2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 05:31:32 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6545D71749824C3530468726
content-md5
p+xnq33hnoC88Cm/YpaOHQ==
x-amz-cf-pop
IAD79-C1
age
48804
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:20 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"A7EC67AB7DE19E80BCF029BF62968E1D"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9229321669036866910
x-amz-cf-id
fdGZhJjBFkVUm0EodYszNcsuNyKL8iJFhQ0-NDpTGEJGTGwyrT4_YA==
x-oss-server-time
22
fa5b1dd.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/fa5b1dd.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
02e352b140d14a51c1d66d16a19cd9be5f59b919e5b06a431312b37f966d6cfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:55:43 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654220447594F9373588022C
content-md5
QEL+0QyPFHIa3I1PSn5hQQ==
x-amz-cf-pop
IAD79-C1
age
32953
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 31 Oct 2023 06:40:58 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"4042FED10C8F14721ADC8D4F4A7E6141"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11175103551906163820
x-amz-cf-id
v0fiLmKpIF4HK6KqBEf3SFEgq17CdPZQV7vc4YKQ8XCB0_X8CPeQ6A==
x-oss-server-time
5
eabd2af.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/eabd2af.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
1465a97e35c2024fa2914d7762c656eb6237ccecd6e71a4adb706093120d90c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:23:09 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549F3ED72154E39309C6215
content-md5
h8KEkvOaqAc7f3Md/umhyA==
x-amz-cf-pop
IAD79-C1
age
38508
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:41:09 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10332483336993500599
x-amz-cf-id
LpgCzk5WK-VuzmOFhn3QliGJCwW95Ag-8HbSOHU7PaSasSUAs5zseQ==
x-oss-server-time
20
a2a419c.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/a2a419c.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
32eb202674cc299996d6b2056a7aa67480a6b134fd6d553b3085e20420eada09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:51:10 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549EC6E1E3C92343894140D
content-md5
+eQmpckeez7+3EDXJLAnbw==
x-amz-cf-pop
IAD79-C1
age
40427
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:41:04 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
16019182264924019021
x-amz-cf-id
KPFM0S3haADYmjKmdMmHCBgp47TqT1se_A41OJQcqJK9jXl9h1YyVQ==
x-oss-server-time
1
bfb6162.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		123 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/bfb6162.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
c1fb46b1b624ff40905bdb57f36f0e17b5ad3685596b7bca85b71b2ed758a04d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:00:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
654759910A93063137007B33
content-md5
1339zG4+xO+sbLMkcn5uDQ==
x-amz-cf-pop
IAD79-C1
age
36294
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:35 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"D77DFDCC6E3EC4EFAC6CB324727E6E0D"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9485009355149067054
x-amz-cf-id
v-9XWSYzPUIxzRv6n1cDboNJxwq1M_rfmCa2J8KpNQOLDSU-14bn2g==
x-oss-server-time
5
23cf56e.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		105 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/23cf56e.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
14fd9022e526ec04d4ccbe1a4c72b956930e97fbf2784e09e6d367ea26e71366

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:15:09 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549ABBD0A930639328A7CE7
content-md5
HyqlwGfOvMYGfOElKtRC9w==
x-amz-cf-pop
IAD79-C1
age
56988
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 03:12:59 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13567825188840090543
x-amz-cf-id
Xzc4CKPTCG_avXVUC8Oa6FryXGejrupjdIXZwVrXMeCdANbli0A0Dg==
x-oss-server-time
4
077f60c.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/077f60c.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
fdb0283edbd4e5933444da95741c15ca183a0836914659e63caf4d2092a2934d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77F7859E439380F24A6
content-md5
EFEkXkRjtvGl8oS2d9WYjQ==
x-amz-cf-pop
IAD79-C1
age
58074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:04 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7249186054804333052
x-amz-cf-id
EHNedecFAdUF8k318D724kXj_Q6KTKgIuImJ63vSG4Fz0quWV7iSLg==
x-oss-server-time
2
30d35fb.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/30d35fb.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
fe93f7fec9dddc23f8e4112a39e174f9df463575e6c23fc536c6c37af3d39ac5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77F2E6FA43635DD66C9
content-md5
Nb2seholJIiPriehkJakCA==
x-amz-cf-pop
IAD79-C1
age
58074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:08 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
18061442649672424776
x-amz-cf-id
44j3Pd7JL_FGlWYVsvhuYZUPr7HIlbANnj4y9xuaFSkO8l6o5FhanQ==
x-oss-server-time
1
c49c6d8.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/c49c6d8.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
30aba18549cbc008581fa76796a3dae4791d8f84e90d02dc3dfa8c438e18633f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:15:08 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549ABBC7945F934339EF6B5
content-md5
GRvGn4rICB/khbzYB3/rQQ==
x-amz-cf-pop
IAD79-C1
age
56989
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 03:13:13 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14868335142907207335
x-amz-cf-id
dHIijAEY_QZ6dPCNM-U6QbOU_0oxi-lWpMmrgsc7NZzk7qU1UAsh9A==
x-oss-server-time
2
0e1450a.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/0e1450a.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
80c60cf2842c8a1f32fdcc87ed58cff8a8be8004c43ceb33a4707b6930486413

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77FCB36F93134464531
content-md5
YHH45ZYj5TmQ5eIfM1fR6A==
x-amz-cf-pop
IAD79-C1
age
58074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:05 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
16647296876630218230
x-amz-cf-id
p8PMAWZ5tRsoRilTaU9oY9IARTK1-uguhj2f2BLaIbI-jpn5m-Xh6Q==
x-oss-server-time
16
dd8bc5f.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/dd8bc5f.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b3547f654c0f3914b730f58ca48fc0cedfdbf1a1245f6716e9296df7c416e3df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77F637FD237365CD918
content-md5
fZkvfRigEvaOm9UoywJZWw==
x-amz-cf-pop
IAD79-C1
age
58074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:23 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
16656363733542994196
x-amz-cf-id
TO8FaddgB2M1kGov27sT0nB68uotolyIgwieSQjSkF79tKMnN8DcPg==
x-oss-server-time
0
24036df.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		109 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/24036df.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6fe74c1ac1934858ac578709a5a123f53fefac219b686cd39af86de3da0fa544

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:03 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A77FED08FF3830F7841F
content-md5
I+NQwmQkzPJqPFSKmwh9vA==
x-amz-cf-pop
IAD79-C1
age
58074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:07 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
441064030410870052
x-amz-cf-id
HCgV48l8EBMBEHKPqg6woEjy-r_iDV5BdMW6Nh5cKGzyKoM-ZkKzTg==
x-oss-server-time
15
cc72366.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/cc72366.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
8a556cdd57482298a64ecac411e78550125656c3fc42595ae6000a9c5b8853d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:04 GMT
content-encoding
gzip
via
1.1 f082203290ecd8aea497e1bd9f2f6ebc.cloudfront.net (CloudFront)
x-oss-request-id
6549A7807594F93232454C67
content-md5
BzB8V+zYZrXFg3sUQrbwdQ==
x-amz-cf-pop
IAD79-C1
age
58073
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:22 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3505111260716440781
x-amz-cf-id
Um36vf70S9McRKRo5UonZRnuefvSZq5ZnwgBJX7aK4GOgXjPsoiJ_w==
x-oss-server-time
5
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
24480
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 06 Nov 2024 12:16:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/ Frame 44E6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
85279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 19:23:38 GMT
etag
251720774729838433
expires
Mon, 20 Nov 2023 19:23:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		151 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0943fdf6c62d2bd617c3eee485a93bb0de4358b940654d6b84aacfd6793c32ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4efa8fd3e6ceb0f9e5c09436c95e053d7f275f8c4fba8e1927b87fadeacb69d0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		332 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf2eeb7e1f5a23f225e8356966ff8ebe77ef3c3420b77cbc7852a6f290c2dc4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		728 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b62d0a2a11d9df654c90530290689d25f59869f5edaf3a4acf82a4961db088c3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		324 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91fb784e8633d4474708eb265d54bd681937847ce5bcb3e89fa7596cc6379188

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dffd1840523436dc0d7279bb977091ac40c61c577b57be8885e56c6a7647b181

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
next-icon.png
encdn.ldmnq.com/gw/assets/images/05/gw-new/ 		171 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encdn.ldmnq.com/gw/assets/images/05/gw-new/next-icon.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:1a00:f:2cbf:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d3b6cb89347c29fdb61545172403ca507a1f9a6348648efd54e38f9375658898

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 11:38:23 GMT
via
1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront)
x-oss-request-id
65423751637FD23439F0797F
content-md5
Ijs7ygYPYO2Za3V3lHyCFQ==
x-amz-cf-pop
IAD55-P3
age
26942
x-cache
Hit from cloudfront
content-length
171
x-oss-object-type
Normal
last-modified
Wed, 23 Sep 2020 08:44:20 GMT
server
AliyunOSS
etag
"223B3BCA060F60ED996B7577947C8215"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9621270581342172303
x-amz-cf-id
xlQNqXKiqI6t1J-B0axxmIQj23Qi-BnnOIWouuD-OZFm09GLY3u-UQ==
x-oss-server-time
1
truncated
/ 		826 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4066d9ec7726346bc2fe8ee03ae059c4f51d6bcfa3d96281df44858d6325b55d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		516 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b13f5bd6003603ac840999a8d93c2192e8d9681687ccc8574b1c1b00108a498

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
375e8eed276974ea986820fe59c2ecc2458a4c3699c4deccbb2ab6b723c1a07f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ce464c8287c80c99163a32c3c02d03a95ffc4b9ec1e18b7f84abc6b61667774

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
element-icons.313f7da.woff
ldcdn.ldmnq.com/gw/static/ld_gw/client/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/fonts/element-icons.313f7da.woff
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17

Request headers

Referer
https://pt.ldplayer.net/
Origin
https://pt.ldplayer.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:58:22 GMT
via
1.1 aae0c8231be15466b169b68f10d6a918.cloudfront.net (CloudFront)
x-oss-request-id
65475904048FEF39340B4D0E
content-md5
U1h39QA5wMtJphlqW3UXzQ==
age
36394
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
28200
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:51 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"535877F50039C0CB49A6196A5B7517CD"
access-control-max-age
0
access-control-allow-methods
POST, GET, PUT, DELETE, HEAD
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
Etag, x-oss-request-id
vary
Accept-Encoding
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16706094257553909805
x-amz-cf-id
s4fVJScdwuA7CH-sJPOxTKNJ_Bo18n6pIdHzjgB4JlP-7jMbxmP2OA==
x-oss-server-time
114
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.ldplayer.net%2F&domain=pt.ldplayer.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pt.ldplayer.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 07 Nov 2023 19:04:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205265
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
op.js
tagan.adlightning.com/setupad/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-99.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
309f3ab3441aeafb0b828ba3f1ef3bf6ec4886f034f8c3a2af14ce345320ea60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
7IWltcsuWKD1JbKeSb8KqqefCcl2Fa0e
content-encoding
gzip
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
date
Tue, 07 Nov 2023 18:05:21 GMT
x-amz-cf-pop
IAD89-P2
age
3577
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6950
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 07 Nov 2023 17:02:10 GMT
server
AmazonS3
etag
"fa8a50fc6908292e2cf151397eeb8d6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
i3CDQHRREJ77a1KqBpiYfvoXAE20W6vnGZL7nRoHwO91O9v_HMjeag==
prebid
id5-sync.com/api/config/ 		135 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpt.ldplayer.net%2F&domain=pt.ldplayer.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Me66vnwycE8xVm0ydUtSMTNFMW1OeXR6NERKYzJEd1dPbS9UaWpVSURGVWM0K0toZjdtcUhkS1BHZVE0cWc0VVhOeFJEemMrSnltNCsrNEtsbTRTTTJKZGg0WHB3NjBQUmEyTFhvbUtpMHJrYUp6T3kvbGxzVEZwbDFOa2...
352 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Me66vnwycE8xVm0ydUtSMTNFMW1OeXR6NERKYzJEd1dPbS9UaWpVSURGVWM0K0toZjdtcUhkS1BHZVE0cWc0VVhOeFJEemMrSnltNCsrNEtsbTRTTTJKZGg0WHB3NjBQUmEyTFhvbUtpMHJrYUp6T3kvbGxzVEZwbDFOa2tmdDh4S3A5UmpxY0FvcE4wRVZVeUp1Tk0rY0h3dHlOMDA2ZjdRNUZHUVN2ZDFjd2JLL0t0SG53enlKWFVqdFpiU3RQcDBQT0lMSHZoSjFCK1dNejB5eFZTQmxLV0F0aWYwVGxHRTYxL3dNQmNFemhMd0JNPXw&cppv=2
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f8435f304402699c56159c30ace88558213916b987587a0ebbe84d9abc7410ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1051692
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://pt.ldplayer.net
location
https://mug.criteo.com/sid?cpp=Me66vnwycE8xVm0ydUtSMTNFMW1OeXR6NERKYzJEd1dPbS9UaWpVSURGVWM0K0toZjdtcUhkS1BHZVE0cWc0VVhOeFJEemMrSnltNCsrNEtsbTRTTTJKZGg0WHB3NjBQUmEyTFhvbUtpMHJrYUp6T3kvbGxzVEZwbDFOa2tmdDh4S3A5UmpxY0FvcE4wRVZVeUp1Tk0rY0h3dHlOMDA2ZjdRNUZHUVN2ZDFjd2JLL0t0SG53enlKWFVqdFpiU3RQcDBQT0lMSHZoSjFCK1dNejB5eFZTQmxLV0F0aWYwVGxHRTYxL3dNQmNFemhMd0JNPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
601817
content-length
0
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231107
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39a268fda0b2f2099a2df8d8c03602c3b7f2b0810c3c5dae9592240066a3f439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 Nov 2023 19:04:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
11047
x-jsd-version
1.0.1867
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
842
x-served-by
cache-fra-eddf8230103-FRA, cache-mia-kmia1760051-MIA
x-jsd-version-type
version
etag
W/"63b-JnTlFCqqRyZz2+hti6jCfqm7a4s"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:04:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
102978
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9sctuPJUTne1kLgrNU9sN115ng5BbL7TRext8unbENLw9a%2F9sJa5po%2Fv2vLZTuaYt2JN5XuAfciCP8dSyycJ1H%2FvcKttTzjp5KWQvqZslEvJ5zg7%2BB0MrD9LuBdOdrn2%2BJ3yzhxlunS0LZt"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8227d84efb3509f6-MIA
api:client.js
apis.google.com/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: ldcdn.ldmnq.com
URL: https://ldcdn.ldmnq.com/gw/static/ld_gw/client/a2a419c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce98b1f7068fe4eb5d2cb975d6c80893bd441d13cbb25b28bf4ae4af1c6da73a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Nov 2023 19:04:57 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7118
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"5eec3cbcf8fad04f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:57 GMT
816510d.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/816510d.js
Requested by
Host: ldcdn.ldmnq.com
URL: https://ldcdn.ldmnq.com/gw/static/ld_gw/client/132a7c3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ec6fb9d22bf8a0a7a8aa07a5c177193c96f293470373ae83ced9afdc620f7b87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:00:56 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
65473D8BFEEE6A32308E8A0B
content-md5
UEwsSG0zwjhZTMU1/7707Q==
age
43440
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:03 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"504C2C486D33C238594CC535FFBEF4ED"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3515154398140683642
x-amz-cf-id
ism0jjIJHRGJRFzP050a9ftThUBMutptFLc5l2ndxnnCs2ds5TJV4w==
x-oss-server-time
2
e5f30a8.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		197 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/e5f30a8.js
Requested by
Host: ldcdn.ldmnq.com
URL: https://ldcdn.ldmnq.com/gw/static/ld_gw/client/132a7c3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6f6cb8ab3e99cbc397649f55df8ef267bc65d5a2fde29b350ba4ec90376267d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:49:14 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6548C4A32319383434ECC37C
content-md5
OpE7T8MH7zFtZ06fxWQnww==
age
29743
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
197
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:41 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"3A913B4FC307EF316D674E9FC56427C3"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2678761419728939531
x-amz-cf-id
eBxoQdGJjgvVIejmBW0Usr92m7sTImSKa2i4SweD22y4WFzukqNQLw==
x-oss-server-time
1
cookie_sync
prebid-stag.setupad.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e05f2ba7e21d6eb55045fe225f4bf3c5b2dab63d1ea36b878d9d3f551b3554

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4EBHvjTESrMFGyfN2L8N4%2Fl0k5UlTZx16EFevY%2BF2sh51EnhLKASzEGQ3%2F2jWeuaz5BZ6LkqLgPg5NBY2LH79qRZJ9bFIKkjZaxQR4t9nM%2BsbN%2BvMMfqgBpHxWO8S4891lQhEwkJPO%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8227d84fea1b5c6d-MIA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		458 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d4b1d90f89e2cf2d9db4c6c427c998f2e0aa133254b80a377f31eb46b0dbc9

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD%2FMvTTR2TN9xV7FjtdWTNECqIADRH1nEPUxh7qkn3XVRejiK7MJCQQDXkwQvcPHjvYmGEDbNkcULPcPw7EonJ%2Ffywo%2BNvk%2F8CwngxSa3li3xiwctqWnhKVFIQKP%2BHZPQ%2Fnbv0NE9TNW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8227d84fea195c6d-MIA
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:57 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.208 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip208.ip-147-135-94.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:57 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pt.ldplayer.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d47bdabf018867363190368dd9181264b95a66b47de3be954f19d564763e09b

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Tue, 07 Nov 2023 19:04:57 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 6 inventory rules not found for mediatype: banner and adUnitCode: ldplayer_net_anchor_ad_responsive
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8227d8501bca5f20-MIA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
7cf4189c7370acceaf3284e043f5c1c54d5abfba595fbdcb1520d4b18d8b04d3

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=55429709880&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		362 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1969856&size_id=2&alt_size_ids=55&rp_schain=1.0,1!setupad.com,2346,1,,,&rf=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&tg_i.domain=pt.ldplayer.net&tg_i.page=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&tk_flint=pbjs_lite_v7.54.0&x_source.tid=2bd3b310-0577-4256-ab7b-56606f24aa70&l_pb_bid_id=301ce6b0ff28ce3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2bd3b310-0577-4256-ab7b-56606f24aa70&rp_maxbids=1&slots=1&rand=0.4802852775672737
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d94bda53b771b844d42fd6bace1e6db91fe72c6cd9b7cd51e8da3d57109348d4

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:57 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
362
expires
Wed, 17 Sep 1975 21:32:10 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bc5573c66ed910e2fada11cc37fb9a51b017aef0928b2c2af759fda95a3131

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 16:41:03 GMT
server
cloudflare
age
0
etag
W/"9e832ab0430e0531c8f4cf871d2061b9489594de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8227d8503ea767c2-MIA
adagio.js
script.4dex.io/ 		77 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:04:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
102716
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Nov 2023 14:13:08 GMT
Server
cloudflare
ETag
W/"ccc354615ffb5b4afd96268bab4a6502"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NTvwlHOPkb8%2BLBSQAlGlusF%2B9RolXcg8a9dzuWil6hkluGhnPpjyjHZYmMvCMobJkA6JK1lnmM92YLigTest0PMSaaqHhK5sbhqJZsKplUjSoTH2YLycnvfs9p8QdgcnFWJl%2FOlCQM4qxwP"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8227d84ffcd831f2-MIA
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-99.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:04:55 GMT
content-encoding
gzip
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
IAD89-P2
age
39603
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
k0nB86T11-HVTDHkZaIdw97REcqBAkb4N3lsaJ-81-yiDHO5lKmKOw==
bl-34df212-e9e0301c.js
tagan.adlightning.com/setupad/ 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-34df212-e9e0301c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-99.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a79239acbd722003ea398bb364df76ced1cd338aa84bfe76ecc31888cbf96f18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:05:21 GMT
content-encoding
gzip
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
x-amz-version-id
2qLb_vBfhH97dVK8osvrkcQwH6PDC_6L
x-amz-cf-pop
IAD89-P2
age
7177
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23733
x-amz-meta-git_commit
34df212
last-modified
Tue, 07 Nov 2023 17:01:50 GMT
server
AmazonS3
etag
"2c5d129a05d0ccce4927198f43a35113"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
iAizhB95LCpodmDBiG1svyXMnJFOknaVCLBKHml86yR_iZSiE6Q4Sg==
gtm.js
www.googletagmanager.com/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW27BWF
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5202dc62bfd0cc5becca711f9af316ab604a3652ac1b86d5961afa5128be431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90943
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:26:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Nov 2023 19:04:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1e9d600d551dc15ec9ae553b0e21d1faa8cd5d42f6fbb46faf8111201002174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52062
x-xss-protection
0
server
cafe
etag
14177710208398832921
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:57 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50e854be9f60138faf6c2a1ae1256d76a22f73904949ffefa0d151cba4cea754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138443
x-xss-protection
0
server
cafe
etag
2517213324398243519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:57 GMT
nwGnZj0wdtUfJ9B9xvloDAlPtaIAgznhwnXxdrl8vRRMcPF8kJ6ittyBZHy5p0OP6aU=s132-rw
play-lh.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play-lh.googleusercontent.com/nwGnZj0wdtUfJ9B9xvloDAlPtaIAgznhwnXxdrl8vRRMcPF8kJ6ittyBZHy5p0OP6aU=s132-rw
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2016 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f5aef68848917c078b2faeab39c6317c7102f082cc3c619bcdf458287658a7b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:57 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.webp"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1350
x-xss-protection
0
expires
Wed, 08 Nov 2023 19:04:57 GMT
35fbcc2c9596451cba6f5fa79a5290611699295176.webp
ldcdn.ldmnq.com/rms/ldplayer/process/img/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/rms/ldplayer/process/img/35fbcc2c9596451cba6f5fa79a5290611699295176.webp
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b3eda51bb1c8d5c2e23b2019edbd407cc7947934afbaa13b631db4b9261f2714

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 18:43:52 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
654930E6A05E36323059A292
age
1265
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4187765
x-oss-object-type
Multipart
last-modified
Mon, 06 Nov 2023 18:26:17 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"F96B954E6FD5B18705DDC26281A4AF20-4"
vary
Accept-Encoding
content-type
application/octet-stream
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14301859284670630031
x-amz-cf-id
a_sQ-mSlPkQQU1hOFznrt3JSW2DvUPX3f5UBOJFjD9NP2vMXskEWzA==
x-oss-server-time
30
776425f7f9be4500b647a262e75056861699021647.webp
ldcdn.ldmnq.com/rms/ldplayer/process/img/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/rms/ldplayer/process/img/776425f7f9be4500b647a262e75056861699021647.webp
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
9aabfeb94e07868164d8a9e14a7b6d0a7ee4a9b36f225a6f1cea70eeaaa1bf9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:48:57 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6545058C1E3C92303624FE22
age
11759
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3519264
x-oss-object-type
Multipart
last-modified
Fri, 03 Nov 2023 14:27:27 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"DD4CF07B8CE8B7C9EFDE188C6B43D566-4"
vary
Accept-Encoding
content-type
application/octet-stream
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
847224460844105037
x-amz-cf-id
yxqjY7JDniqbBKbPWoYT8t-ik03qKhVklPO9sCwwd7COuXB7jHxFlw==
x-oss-server-time
16
da172d558e284fad9bdda00fbc7293aa1698845773.webp
ldcdn.ldmnq.com/rms/ldplayer/process/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/rms/ldplayer/process/img/da172d558e284fad9bdda00fbc7293aa1698845773.webp
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6e677bb52b2d83a4b9e9acf68f8e897f25442c592160a72fdec4d66654ef45ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:21:08 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6548ABC7AA0DCC3838E50C95
age
35028
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1434092
x-oss-object-type
Multipart
last-modified
Wed, 01 Nov 2023 13:36:13 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"16118D7A4AA61F252235813F27E095C7-2"
vary
Accept-Encoding
content-type
application/octet-stream
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
845924319127692118
x-amz-cf-id
RogqBR-07TLGpYw6neoddE_YZbX-8t3Mcoc00Acap9-zXzqjWI9bPQ==
x-oss-server-time
75
fd7996ec6fd04c2889b0fb07ac42500d1698735162.webp
ldcdn.ldmnq.com/rms/ldplayer/process/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/rms/ldplayer/process/img/fd7996ec6fd04c2889b0fb07ac42500d1698735162.webp
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
8c334b427d09a690413e3633da9f43a624f1ec55619f87f57ae848bfbebdcc27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:21:08 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
654A0184E702E23030CD9ACB
age
35028
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11803
x-oss-object-type
Multipart
last-modified
Tue, 31 Oct 2023 06:52:43 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"173F01DAC8AC083FF8E376389C05E0F0-1"
content-type
application/octet-stream
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8920347372002491055
x-amz-cf-id
ICiimFUf0U8ILyWf1UMfcPMAq503Y20Zgs3TKU-uQ7CG3hisAvIlLw==
x-oss-server-time
54
versions
apipt.ldplayer.net/ows/pt/front/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apipt.ldplayer.net/ows/pt/front/versions
Requested by
Host: ldcdn.ldmnq.com
URL: https://ldcdn.ldmnq.com/gw/static/ld_gw/client/cc0d7a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-62.iad12.r.cloudfront.net
Software
/
Resource Hash
2f02eb1358d0a44ed3306fc4d991b63139cbc7dcf72ea3582bf03bce9141cdd2

Request headers

Accept
application/json, text/plain, */*
Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ratelimit-requested-tokens
1
date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
via
1.1 4a9d2f26d7f571e9f468d5bd20d9ae18.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, accept-encoding
x-ratelimit-remaining
1998
content-type
application/json
access-control-allow-origin
https://pt.ldplayer.net
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-ratelimit-burst-capacity
2000
alt-svc
h3=":443"; ma=86400
x-ratelimit-replenish-rate
1000
x-amz-cf-id
ugp1z0GtJQBncB9WdAT1ngmD5wUrt2ohqoyBf3Ukgz-NsfoxQQaShQ==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Me66vnwycE8xVm0ydUtSMTNFMW1OeXR6NERKYzJEd1dPbS9UaWpVSURGVWM0K0toZjdtcUhkS1BHZVE0cWc0VVhOeFJEemMrSnltNCsrNEtsbTRTTTJKZGg0WHB3NjBQUmEyTFhvbUtpMHJrYUp6T3kvbGxzVEZwbDFOa2tmdDh4S3A5UmpxY0FvcE4wRVZVeUp1Tk0rY0h3dHlOMDA2ZjdRNUZHUVN2ZDFjd2JLL0t0SG53enlKWFVqdFpiU3RQcDBQT0lMSHZoSjFCK1dNejB5eFZTQmxLV0F0aWYwVGxHRTYxL3dNQmNFemhMd0JNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 07 Nov 2023 19:04:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
176120
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
zJzNkE-1594260824685.mp4
encdn.ldmnq.com/gw/upload/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://encdn.ldmnq.com/gw/upload/zJzNkE-1594260824685.mp4
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:1a00:f:2cbf:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e3c82aeed01c02783c3cd94e7dc9496d850a87dc1a653a72dbfe3126b3e23d79

Request headers

Referer
https://pt.ldplayer.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 06 Nov 2023 23:53:25 GMT
via
1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront)
x-oss-request-id
6546D9682BFAC73836F28887
content-md5
J0bZ/zn67LpKIOcNEAz99A==
x-amz-cf-pop
IAD55-P3
age
69092
x-cache
Hit from cloudfront
Content-Range
bytes 0-1468244/1468245
Content-Length
1468245
x-oss-object-type
Normal
last-modified
Thu, 09 Jul 2020 02:13:45 GMT
server
AliyunOSS
etag
"2746D9FF39FAECBA4A20E70D100CFDF4"
vary
Accept-Encoding
content-type
video/mp4
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12714259232218125566
x-amz-cf-id
lIDbNSFbFr-pJsRdcfOHDiES7hghFoS9oVBj_d-56QEZzS5ZVNWhRw==
x-oss-server-time
2
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pt.ldplayer.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 07 Nov 2023 19:04:57 GMT
server
nginx/1.21.6
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame A0E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Nov 2023 19:04:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Nov 2023 19:04:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
server
nginx
content-length
43
content-type
image/gif
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
c055f10b99b5f55f46aab73d7b803d5161d1617736cbd04648c7241e426a6b11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/ 		316 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3253ebd8d1a3c41f020b8e18e84bf61b96b0c1bba646b047fa90d87e72438371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 18:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110396
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 18:40:55 GMT
011bf0c.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/011bf0c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
7aa742be653fae350e8363257d79c15f663aef950e9c90d1230bd4c33501b6f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:00:17 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6544623899AE823631CFFE3C
content-md5
rtOXw7z2uChdtJKZ+TSK4Q==
age
57880
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:54:23 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"AED397C3BCF6B8285DB49299F9348AE1"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4276106107258609686
x-amz-cf-id
92TsPwKM1gw5Sx4038dMYtf3xBbkC3cFRer8Ryk1Ur4SMUA-McqoeQ==
x-oss-server-time
1
644814a.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/644814a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
26493180d9c6409494824d65a9b3acd36a84e3172399cc60df67a12815455bf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:36:20 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
65476208A846BB36341F1DB4
content-md5
IbDUFiu14M3cD2xnHu1uQg==
age
34117
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:54:55 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"21B0D4162BB5E0CDDC0F6C671EED6E42"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6144663487167660864
x-amz-cf-id
Ie3GwTfPYtBzTBIPtYJq9Sk2hE1TDtUPk2986ZeBzy2XMqsX5VdpSw==
x-oss-server-time
3
91d965b.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/91d965b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
8061a7ed1089309933bdad03baa51aab10b22c4827ce92b177d5b4feb34f9ab9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:38:55 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6547468943F9F8383122498C
content-md5
8BEKm1P++tS0N8Eb28OBFQ==
age
41162
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:08 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"F0110A9B53FEFAD4B437C11BDBC38115"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17107602865320657575
x-amz-cf-id
m9PUnTuC6jmnE5v4FZjnuAu0eLBhY6Jnt8jUWs7mIzzix5sMZPxzIQ==
x-oss-server-time
5
3074570.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/3074570.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
c4c1a5b9ad86d122a39fbf80113e23b12edaa7e3a28eaa3e37d205832a730bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:07 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A783E9CC4C353260678A
content-md5
RJc25D69GmLq9MUjGh36+w==
age
58070
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:08 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8538965700259853885
x-amz-cf-id
Dzq_bauHA7OGjVa3igIef3RU1p9y3WSqYqnO53tHEywYYcR1A2AtRg==
x-oss-server-time
5
a0074d9.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/a0074d9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
55f13eaab3d3237cec445d49104fd21a0822fdab2f0b543ff491f2f877a74af5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:59:56 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549E06C7945F933341F630E
content-md5
KmN9inSw9N2alr3aL7r7iQ==
age
43501
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:41:03 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2402005442454761997
x-amz-cf-id
zXzykrEei_b9BdIKLbr4LJ3VVj2sM0JuqhnNUord2N-g3gNb-yIVLg==
x-oss-server-time
3
c655882.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/c655882.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
bf64d162c4007872cea5c188bbbf2a285d565363fcc674785511570cc8c6c65c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:07 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A783F53B5C39310FCA93
content-md5
qzC6/euIuHfMGsRt5MZSmQ==
age
58070
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:21 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
18325024258363166832
x-amz-cf-id
bzfGoM1sS_b2wmNssUd43klfgvl4y3Q1C4Te_Nc80UIsGEDjs3ZjMA==
x-oss-server-time
4
d55d714.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		1 KB
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/d55d714.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d5322c97a4a9c58dc45d5ca103af207741061bd368e6fcc93198108cc355d1f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:00:47 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6545EC0EBEB4E134304333D5
content-md5
jR2LUQaZp3+JxYLT04EhiQ==
age
43449
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:40 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"8D1D8B510699A77F89C582D3D3812189"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1998924430981166883
x-amz-cf-id
sj5VgPfD1bJ7RZBP6PG8PHIEgY493BEPQ_6-RD9UUN0TF0yuDfS3Sg==
x-oss-server-time
4
4c7f5cc.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/4c7f5cc.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
7b1820dcf0ba561648f5e1c1a5f074c6a11fe12f9f795f9838c20dad6ac1702d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:06 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A7824FF14A38315DD280
content-md5
XmhFqSWVTRmuvlsO+IY+rA==
age
58071
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:11 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
12840985461430582266
x-amz-cf-id
7KIfb2vW3RKi0iwlIHZam4FGZxnPZE2Xgt4o88OoJXOR4U2SNqFAVw==
x-oss-server-time
2
969c202.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/969c202.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
967b4d06fc53dfebc8006e8b92f29b7676445d84cd91c9d009f5a77e6b5cdeef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:06 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A7827594F93232345D67
content-md5
GqAmbKo53qa5KvdMBlg1TA==
age
58071
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:16 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15808641039912893900
x-amz-cf-id
q72iFQe2DEZu33dyPL-KKs8QTqPLEhRsL0v66p1HInURvsJpykq1FA==
x-oss-server-time
4
23707b8.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/23707b8.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
c42264ce6b9ba64fc8c878a225d4a6281aa2c39389e546acfc315ed7a2e415f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:56:05 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549ED951E3C92353601FE14
content-md5
l7e07i5LTkrjIy5zodkBgw==
age
40132
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:40:51 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1779024034739417316
x-amz-cf-id
Uw_5-mLfbGQ9SF61nsA6Ih9d3bwvpbldldHwkh9cd2yI6kesEJTRiw==
x-oss-server-time
19
21eadf7.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		884 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/21eadf7.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6fd16a14867b950b9421650d73a2b764f3da7606d969cb1fa1ee65d93ec9e7d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:00:23 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
65446239BEB4E13333727BE9
content-md5
qEs+GHV6tagVB+bcGDUUBg==
age
57874
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
884
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:54:27 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"A84B3E18757AB5A81507E6DC18351406"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11898634976555445564
x-amz-cf-id
zkAzyb_zYp6bEn8glBgMfZgGCpmMofFZ0gqvNCNfTIjhnrGauPa34w==
x-oss-server-time
10
7c9b809.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/7c9b809.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
cff9e31bc258bbd5f48dc7375b962e21b43587cf6fc2e18494a9cc1c1dac1c83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 06:30:24 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6545E4E50900E636345CCCEB
content-md5
tguJukNl+RuuOxfnvmjKgQ==
age
45273
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:29 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"B60B89BA4365F91BAE3B17E7BE68CA81"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11976616844292961052
x-amz-cf-id
cOtPbmq_DhVTx8WFXFsH_tVqYfxOfulxpk8n6j_Or51QC5doU5ropg==
x-oss-server-time
4
1bca9fb.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/1bca9fb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
7f7876d8fdef35cf47f3dbec128e50d2e5f6051e7700b0f2df075a83187666d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:06 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A782637FD2373691EB18
content-md5
TRzeqe9lCeNUThqnEMvLVg==
age
58071
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:06 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11382655315480796713
x-amz-cf-id
7ZxYIIZv-Hw_G8zlXVZS10mZimM0X4Xxgh5UDzFXFaaUd8gzx3kzqw==
x-oss-server-time
1
a60f42e.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/a60f42e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
8ba12a2510f60caad343e9c996fca81f8889c5762d78541ed4f7fa4ca8e965ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:00:23 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6544623AC05EDB3735AD0D43
content-md5
TnJX3slNGfoGj6RGy2lw2g==
age
57874
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:19 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"4E7257DEC94D19FA068FA446CB6970DA"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3931071087929178029
x-amz-cf-id
jst6-Fk9NtAKmXRIE73mF9Ni2JAwdpMXUdoMX3E2aSSjQH3xd31KCA==
x-oss-server-time
17
67be18b.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/67be18b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
5cb47558e69f1a358fce8e08760b065554ef407d3a394e922bc014cc98577652

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:06 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A7822E6FA436356D79C9
content-md5
2o6UUJVO+HHHHi9C/P/vXA==
age
58071
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:13 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5728510900933966128
x-amz-cf-id
h4vz8xPXInsAKYNZxTCAUu7-AvFJ2XfOARdLfcIkPQbyQCcI5OWADA==
x-oss-server-time
22
3e925ea.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/3e925ea.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6b56ddc3da0759afa4ea112c212b61af934a6a47a4d5b65041d2d76158615aee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:07 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A78343F9F838379FF1AF
content-md5
rVh5a4NBUO8VkQgcUwEztw==
age
58070
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:10 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10819928920433460346
x-amz-cf-id
QkIu53gA4u45rgWlE5cB0LlUelhyyVcL5sju0MDBv0K8oa0mKASZeg==
x-oss-server-time
4
dcb9f62.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/dcb9f62.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6a6a1f0999465a0f793dff32f9d660289235e0998e27ff340a0ccfba19f12c74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:06 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A782A05E36353001289B
content-md5
Eb7TS4i/lb9dRUniRTMbMg==
age
58071
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:23 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3439620935667267128
x-amz-cf-id
tdvgp4TEQwxNTw9bgIb-LWAqPk1CQNdfWeHF93Al5lmh2d2dy01kMg==
x-oss-server-time
31
8e4d6f8.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/8e4d6f8.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
eaf68b8382a7596a5e94d4701953be8984b2abb074250a67e8def64efb6c2866

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:32:45 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
654601111E3C923937060BA0
content-md5
IK0YWCFBEKryrCZMN5sNZw==
age
37932
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:55:06 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"20AD1858214110AAF2AC264C379B0D67"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14799046836636773507
x-amz-cf-id
txRM5_Hn1h1LoQIJ9szDPH1oZSSy5qbdvtEsRt7X8kwA91ps8w9Pww==
x-oss-server-time
4
1014347.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		61 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/1014347.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
a35024e1ba7763de7ca1bf798102c5ada917b98cd020bcfd523cceb73314b5d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 02:57:07 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6549A78322435B30375BE0F9
content-md5
QR7QwtGC8XoOICgM2F7NhA==
age
58070
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 02:47:05 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10818507395357872275
x-amz-cf-id
ALi-Ts4eIAlqZAh17febLrKiyNRnCw8V5DPek-OdXm_wIGK00LVeHw==
x-oss-server-time
25
775c833.js
ldcdn.ldmnq.com/gw/static/ld_gw/client/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/775c833.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
1f0214b4fb4a8043c535429eab0a6eac075fad6c2a479210f0d140f02201cc04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 07:57:51 GMT
content-encoding
gzip
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
65474AF0FEEE6A3931BD5B6E
content-md5
bQ2j4dzJlg0Je50OwVLg/A==
age
40026
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Fri, 03 Nov 2023 02:54:58 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"6D0DA3E1DCC9960D097B9D0EC152E0FC"
vary
Accept-Encoding
content-type
application/javascript
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5690959560678114525
x-amz-cf-id
AdIHpykJcuzyWEvXSbsn08JNUW77gf1H3mgDuIreJAvnmJJMsQtu8g==
x-oss-server-time
2
cookie.js
partner.googleadservices.com/gampad/ 		391 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pt.ldplayer.net&callback=_gfp_s_&client=ca-pub-3593861583707338
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
202e37a545a4eb72a627858f452b72621660e23918092e612a2dd4b922db7e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 413E 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bd5e291e2019279222ffb3bf57de474873eccaf64eeb3f07750bfe7c02c631d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21831
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		261 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW27BWF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89753ef455d232d0c68770ac0aea747c69f74f4f67cb4fd06fe2bd8dcabff5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89984
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Nov 2023 19:04:58 GMT
js
www.googletagmanager.com/gtag/ 		278 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6PJR84EZXV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW27BWF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a45d95f15a9204076259f3d914663cec9587f3042770501ed7f595cc28645e58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Nov 2023 19:04:58 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW27BWF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Nov 2023 17:54:01 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4257
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 07 Nov 2023 19:54:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Nov 2023 19:04:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
/gdUXVXVDj+YQ9KdNHp7DV3ifGi7772HsMZOGmiTeEVNJ22ijxNCVdmVGAqEqmAlzazvcVBxsUAkbeu3FGbChg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 07 Nov 2023 19:04:57 GMT
last-modified
Fri, 20 Oct 2023 01:13:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C0ABD297D534DE7990D98E2B705CE7C Ref B: MIAEDGE1514 Ref C: 2023-11-07T19:04:58Z
etag
"0125f9ff22da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13079
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:37 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
SAW1HETJ0E0JHM70
age
22
x-amz-server-side-encryption
AES256
x-amz-id-2
SKNVEKHPTbyBNZ7NEmZ9LB35RXlwnm6H1Erk1PoQXWNjNySNg5vAZEGa0gjXsvyztndZsZObYhs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?aa0a06ebcdfcfd94c5414b413ad87eb2
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
6688838cc7716335ef7a2e4255f048c617fd6ec1264f9ff8f4755077759cfafa
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:04:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
c5aef4851a1b36a538a431d245bf8779
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11503
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?4ad6f2b6e43a838f496dedc942199563
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e5bfeba3c483bd708ece2037522732009658881e13be20e38799525f1905caf9
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:04:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
02cb6069971a72d3c9f9a3607b2fca68
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11260
ads
googleads.g.doubleclick.net/pagead/ Frame BFA7 		121 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&adk=1812271804&adf=3025194257&lmt=1699383898&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897693&bpp=1&bdt=1210&idt=441&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=455
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce397fcd680732b7add4428b18edb8c7d6a89e7d7c6efce6b3093b8d5a13160a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
29968
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=head%20header-box%20fixed-top%20fixed-top-bg&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6BE5 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66a12777ee081b53b06ccdf4baeeb99b321327236c0c7bd91dc8955c9026dcfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21827
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F1C5 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a8210787927700f4dcf7b1a5cc93b02b21b151359f5c29073bdb3b1e089d153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21842
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4D54 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
811b5a0721c545fa5a5084d5223e17957fabd150938bee5b93ac8a5f94eeb0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 422E 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b150be99850bfa35390723c37e103822059609124bf9e886adb30de09dadfb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
21820
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E27F 		44 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=1618680683&adk=3631052741&adf=3360100671&pi=t.ma~as.1618680683&w=346&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897699&bpp=1&bdt=1216&idt=484&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280%2C346x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=xfBwqfIXIa&p=https%3A//pt.ldplayer.net&dtd=492
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2006f59e41854548ca4e701cd2203c0e727328e275ca4845bb6c6983e79658d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14893
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Tue, 07 Nov 2023 19:04:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/ 		62 B
86 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 07:20:24 GMT
x-content-type-options
nosniff
age
387874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 07:20:24 GMT
32002982.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/32002982.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 07 Nov 2023 19:04:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E74C155FA5E94988BE11CAF3A64136DD Ref B: MIAEDGE1514 Ref C: 2023-11-07T19:04:58Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=32002982&Ver=2&mid=0467beed-42ac-45a7-9b20-dec09ce41d97&sid=8b88ab407da011ee8dae2f032854f86b&vid=8b8902107da011ee85dc9703c52f153c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&p=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&r=&lt=1834&evt=pageLoad&sv=1&rn=349600
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 07 Nov 2023 19:04:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2301CBDF2F6E41C1B7761139B88E190E Ref B: MIAEDGE1514 Ref C: 2023-11-07T19:04:58Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1320612970&t=pageview&_s=1&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&ul=en-us&de=UTF-8&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAIAB~&jid=582388105&gjid=560146892&cid=206618511.1699383898&tid=UA-116843255-5&_gid=1738420909.1699383899&_r=1&_slc=1&gtm=45He3b60n81MW27BWFv811493409&gcd=11l1l1l1l1&z=151634932
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1320612970&t=pageview&_s=1&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&ul=en-us&de=UTF-8&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAACAAIAB~&jid=1086249182&gjid=721923751&cid=206618511.1699383898&tid=UA-116843255-26&_gid=1738420909.1699383899&_r=1&_slc=1&gtm=45He3b60n81MW27BWFv811493409&gcd=11l1l1l1l1&z=603314927
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 971D 		290 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200d Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5b5229591b74f5c421ba1aa38d6fa48d86585c285492bdb742359ddfb328805
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-8pxQZSWnBSm0unC8h-l45A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-8pxQZSWnBSm0unC8h-l45A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6PJR84EZXV&gtm=45je3b60v9102627819z8811493409&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=page_view&_fv=1&_ss=1&ep.content_group=%E5%BA%94%E7%94%A8%E4%B8%AD%E5%BF%83-games&tfd=2962
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PJR84EZXV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567z8811493409&_p=1699383897594&_gaz=1&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=page_view&_fv=1&_ss=1&tfd=2992
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-59PCK5ER57&cid=206618511.1699383898&gtm=45je3b60v890351567z8811493409&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-116843255-5&cid=206618511.1699383898&jid=582388105&gjid=560146892&_gid=1738420909.1699383899&_u=YAhAAUAAAAAAACAAIAB~&z=395109161
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 Nov 2023 19:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A0E9 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cf9a84e1558e2922805e36adeaa3b33ea3ea0e83aa1c06c973cb3736cc926fe5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:04:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 10:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56025
Connection
keep-alive
Content-Length
13281
Expires
Wed, 08 Nov 2023 10:38:43 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-116843255-26&cid=206618511.1699383898&jid=1086249182&gjid=721923751&_gid=1738420909.1699383899&_u=YAjAAUABAAAAACAAIAB~&z=1020648366
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 Nov 2023 19:04:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 6BE5 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:14:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:58 GMT
css
fonts.googleapis.com/ Frame 6BE5 		1 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:07:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6BE5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 6BE5 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6BE5 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:58 GMT
css
fonts.googleapis.com/ Frame F1C5 		4 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:33:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:58 GMT
css
fonts.googleapis.com/ Frame F1C5 		1 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:18:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F1C5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F1C5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
10069217.json
s.yimg.com/wi/config/ 		2 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10069217.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
GN81VE67MY5QJ0PJ
age
0
content-length
22
x-amz-id-2
SGiWLZJ9gFPqn32CVTxHeGBU97XaP5XWjcKyhTEC2g3o6OaDwIYwUoj072wBICcSBPYIlT6Yhhah750gQm8B47fy9lHf0Ti/onr7SB3phjU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
cm
u.openx.net/w/1.0/ Frame 6F7B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dope...
877 B
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d43786654b60e741ab27e69b81e9ec9888976e054c6fdd9d48dd635e34b7bdc8

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
549
content-type
text/html
date
Tue, 07 Nov 2023 19:04:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 07 Nov 2023 19:04:58 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
481.json
id5-sync.com/g/v2/ 		251 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
fb74f6c85cace13979c47123ddd61937c52516a0860b0653e5e7df100e13c66f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pt.ldplayer.net
date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F1C5 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=3942425844&adk=2257099090&adf=3302131849&pi=t.ma~as.3942425844&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897696&bpp=1&bdt=1213&idt=467&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jHJ35zHNyV&p=https%3A//pt.ldplayer.net&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 4D54 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 4D54 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D54 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:58 GMT
2112333548788678
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2112333548788678?v=2.9.138&r=stable&domain=pt.ldplayer.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72e4bea7d6ff5d28a63fffeff98d2b4388e5cf27351c1811f54d32635d03074a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Nov 2023 19:04:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
PXkoKeGdsz3fOGwKEdDAfOrDF16skWCPB90bzDbfG+7M7LGuRghQz3Vej379UNff8033X9YWK7HvkgpPiZQ/bQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame C9A8 		186 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
85513addfb92c943c9bb5bbe3ec8f9454fd12625c906081f8c09ad099aaf4300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=AkTp1y8Gzj_cykx7JcVfB7oaDGO0MRtWq49bDUyD_PUxY2QnytvcRCxf4Se-THfJUeatadSNJDY9W1vDjFLNSfMsnBRKcdY8CGb2XdiFUNEP2JAche0zZh47kaSgZ83VEuYrrg3hd5JF5jsgSHNlzvDvY5sBcqwo1ac1UWYbBnjuz0SZcN6AOsR1ymN1Km6vV37oKypotLKE5kYrROZpGAymprmYTzVD09-2IVvcln5LRHR9OE4HtmS-yj7HcBBD-lJQFQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
66351266
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
css
fonts.googleapis.com/ Frame 422E 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 17:40:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
css
fonts.googleapis.com/ Frame 422E 		1 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 17:28:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 422E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 422E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 422E 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:59 GMT
khaos.json
token.rubiconproject.com/ Frame A0E9 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
css
fonts.googleapis.com/ Frame 413E 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:35:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
css
fonts.googleapis.com/ Frame 413E 		1 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 18:08:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 413E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 413E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 413E 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:59 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-116843255-5&cid=206618511.1699383898&jid=582388105&_u=YAhAAUAAAAAAACAAIAB~&z=940379677
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-116843255-26&cid=206618511.1699383898&jid=1086249182&_u=YAjAAUABAAAAACAAIAB~&z=1002840664
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2007%20Nov%202023%2019%3A04%3A59%20GMT&n=10&b=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&.yp=10069217&f=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 07 Nov 2023 19:04:59 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A239 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135565
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 07 Nov 2023 19:04:59 GMT
expires
Thu, 09 Nov 2023 08:44:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
prebid-stag.setupad.net/ Frame 6F7B 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=openx&gdpr=&gdpr_consent=&f=b&uid=8917367e-87a3-0384-04a1-2b2cff31bff1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBi%2BEzaGDgPazPA05JXzguwSXnrxng0m1KPONg5dwDbtmbLbcBdwa9NtP5MjVjomiui0jBN%2F4iIZbMUKd27tmSQWgB0C40qAXrrSY9T1kcvWhH8W5j%2FwpTOIBsVCrCC6V8rWHYv3DWR%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
cf-ray
8227d858ebf85c6d-MIA
expires
0
sd
us-u.openx.net/w/1.0/ Frame 6F7B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZUqKWwACDSK4-gBH
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUqKWwACDSK4-gBH&_test=ZUqKWwACDSK4-gBH
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUqKWwACDSK4-gBH&_test=ZUqKWwACDSK4-gBH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760031-MIA
pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1699383899.200526,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZUqKWwACDSK4-gBH&_test=ZUqKWwACDSK4-gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
240edff5-ae90-a224-5efa-fdcc813db035
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6F7B 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/240edff5-ae90-a224-5efa-fdcc813db035?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:14c3:cc7e:2a56:2ee8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 6F7B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e81fc5cc-2296-8b97-af23-69ae1659b69c
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e81fc5cc-2296-8b97-af23-69ae1659b69c&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e81fc5cc-2296-8b97-af23-69ae1659b69c&dcc=t
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:04:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PMBNQH6ASZSZQ2CZ889T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:04:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S7CQYGVJP2D6VE694259
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e81fc5cc-2296-8b97-af23-69ae1659b69c&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 6F7B 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=b0c9b9b1-3e3c-306d-6f2d-eb397e6a7d7c&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6F7B 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhNjZhN2ItZjc0Yi02ZWM5LTdhY2QtYjE4MGI0ODhiMzFj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F7B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJpRFoFzPoL2j_jW1WxayDc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJpRFoFzPoL2j_jW1WxayDc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJpRFoFzPoL2j_jW1WxayDc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
822d9701acb42b4ec4119abc3973bbdd216c3acc268dee93b277238724bcbb68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55814
x-xss-protection
0
server
cafe
etag
8360400491756532636
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4494613412077999&correlator=1502788946781086&eid=31079521&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=22857857566%2Cldplayer.net_1000x100_desktop_anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D88a0bbf493de280a-220e2e9dcce4005f%3AT%3D1699383898%3ART%3D1699383898%3AS%3DALNI_MaYo1J2cdq_B39rqlC4FSudYWQx6Q&gpic=UID%3D00000da07c0cc23c%3AT%3D1699383898%3ART%3D1699383898%3AS%3DALNI_MY9kgoGm8T5u7eN4zh872_SEaZz-w&abxe=1&dt=1699383899042&lmt=1699383899&adxs=0&adys=4102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&vis=1&psz=1600x4101&msz=1600x0&fws=0&ohw=0&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=true&dlt=1699383896483&idt=789&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=1383632267&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
420bbf00d533278565c6e8e6307f1d974a3fea1627410aef0d5ecffb792834c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15558
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55E4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:59 GMT
expires
Wed, 06 Nov 2024 19:04:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 971D 		2 KB
913 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200d Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7454f0ddca741a56b186d7e37a3af5afd253e92d27005874af708bd0dccd19b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.xoYXOOVhhcA.es5.O/am=CAM/d=1/rs=AOaEmlHxRq1JAtnffqzOG8FniVoVTUcLGQ/ Frame 971D 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.xoYXOOVhhcA.es5.O/am=CAM/d=1/rs=AOaEmlHxRq1JAtnffqzOG8FniVoVTUcLGQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e1541294ad1b2c4d9020af4ea4b3a02cc87d14cc164a129099bec183a63ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 00:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37664
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 04:48:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Nov 2024 00:45:33 GMT
5111
8proof.com/app/rtbmarkup/ Frame 2C08 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=667055444829&ctd=10034&crid=3255&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8oQmWopKZf3jFsGKvPIP8uqgIPqPheZtoIOoxa0NwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEogJP0HWpyl9EBZoLJBDRhcPNa-b0KsvZehQwAkXqEqLDtbzH-0XDxhLS31WBoSitEgeZAbLl1EBtAi_hWQvkJwFPOno-TVBRqlqnfKJuwKPRlFffffTQ-tknH26VzbV5Bx_UGcD8P02esK-tT9JuXC5oNZJJKooTGhps3Tm8FZCRMPW_v_KspzUVdSR_GvRvail8hAZKWwFaoJV4hRKbF25nADCeF3MmdJG4xSFbYzPj7daEyP7dxMfrLz6khZhj9fbYe9DEfHeoIzPXxVyejs0AXY2lyHT0Ic2t3E9xWiKOLG6gD_lmTwiddv6xviS_YnoCgsSCE2M0FowQ4pRgFdkFX6s4TUp1XuN9ZjhdpvaLT94Rx2Kt5wu2kJ3YcNos0GQE5IAGl7jg4of07aumAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1PhKRWGvLR7rTV0Ncb_WDIwItRXA%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWgAFsf0ITwVBAAg1cheCfmYZeIqrsGo97w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=1618680683&adk=3631052741&adf=3360100671&pi=t.ma~as.1618680683&w=346&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897699&bpp=1&bdt=1216&idt=484&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280%2C346x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=xfBwqfIXIa&p=https%3A//pt.ldplayer.net&dtd=492
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
77081a7e7c7f5a0727c567b8904f492ea917edfed8da266b58b9f0d9bc135ad2

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 07 Nov 2023 19:04:59 GMT
server
nginx
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame E3BC 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4yRTWopKZf3jFsGKvPIP8uqgIPqPheZtoIOoxa0NwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEnwJP0HWpyl9EBZoLJBDRhcPNa-b0KsvZehQwAkXqEqLDtbzH-0XDxhLS31WBoSitEgeZAbLl1EBtAi_hWQvkJwFPOno-TVBRqlqnfKJuwKPRlFffffTQ-tknH26VzbV5Bx_UGcD8P02esK-tT9JuXC5oNZJJKooTGhps3Tm8FZCRMPW_v_KspzUVdSR_GvRvail8hAZKWwFaoJV4hRKbF25nADCeF3MmdJG4xSFbYzPj7daEyP7dxMfrLz6khZhj9fbYe9DEfHeoIzPXxVyejs0AXY2lyHT0Ic2t3E9xWiKOLG6gD_lmTwiddv6xviS_YnoCgsSCE2M0FoxS4LXy6l6yChaPULGGTCCmFxhXcP-lV2v3LHBuNqyfvIUl0nV5bYAGl7jg4of07aumAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=XSxVfb75Bvg&uach_m=[UACH]&cid=CAQSTgDICaaNFxVPCOWFxk7mtgn6Uq8WwmkImQkQVMR5Z5aURx4n7bkXoDV8rc1CYFR33DYS3g1U5YG6EQAHQ3jSWtgBB3iLetHEocP7mUaZVxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=1618680683&adk=3631052741&adf=3360100671&pi=t.ma~as.1618680683&w=346&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897699&bpp=1&bdt=1216&idt=484&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280%2C346x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=xfBwqfIXIa&p=https%3A//pt.ldplayer.net&dtd=492
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=1618680683&adk=3631052741&adf=3360100671&pi=t.ma~as.1618680683&w=346&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897699&bpp=1&bdt=1216&idt=484&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280%2C346x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=xfBwqfIXIa&p=https%3A//pt.ldplayer.net&dtd=492
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Nov 2023 19:04:59 GMT
win
8proof.com/app/ Frame E3BC 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8proof.com/app/win?id=667055444829&ap=ZUqKWgAFsf0ITwVBAAg1cheCfmYZeIqrsGo97w&t=b&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=1618680683&adk=3631052741&adf=3360100671&pi=t.ma~as.1618680683&w=346&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897699&bpp=1&bdt=1216&idt=484&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280%2C346x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=1418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=xfBwqfIXIa&p=https%3A//pt.ldplayer.net&dtd=492
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-length
0
server
nginx
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 19:04:59 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C9A8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C9A8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C9A8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 01 Nov 2024 19:04:59 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C9A8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 01 Nov 2024 19:04:59 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame C9A8 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=v7MiH42f4SAVDIm4VzGo7_dPReEZNX-ln0qrVox_8-lIaGJfhbR9RgoqJNMPg8yXRKK1_c_Kwzf4WD5Ht0-kcjk4ye-e9KWoW6cynRe8JvQFSZuoGRj1Fr47OlHNUofziLrEqkV1UuEpHlqBUry1NW0YBxgeoNGjB0C5iY64A0bf-ETYvKiRiMSgXrlLGJZOoq6NVuY0NGY1ywHktt85xQ1ZL0yUXsg3PPcUZASMBxgSylxjJBkkWYdJMTzK5xlZzeirafG47mT-AsNpaBLkYwErxkl3E-e1yAeeyj34U_uDcTv3vvAbFxoqY5929gFK5lPr464MSs4S4aHyB82pFIkR_JuE48UjTzsxcI7KK08wTLKub3yEIiP4tTt9loSqme7BHc1L8Vk4WmvT8KJ7kCt_PuwPx3FR8sNzV5bBJNRGEfEy
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2958374
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C9A8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1512307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndvCLHL9bWpfzxxBnzQNtwj4UKoV6hB%2BqOi31nHUrnJ6Mu6%2FzCHD%2FBMdG4rqst%2FA4R4Ty2K0UeeoLD%2FAAh5fW6rVoRPAdhk2CErXgBN%2BnlMSD%2Bz2NHZTFkjAhqpu0I1l6vCBXujY9%2Fw7fI2EXVV43k4z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8227d85a0ff98dfc-MIA
expires
Sun, 27 Oct 2024 19:04:59 GMT
animejs.js
static.criteo.net/animejs/ Frame C9A8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2112333548788678&ev=PageView&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&rl=&if=false&ts=1699383899136&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1699383899134.2079519009&ler=empty&it=1699383898702&coo=false&rqm=GET
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 Nov 2023 19:04:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame 4D54 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af7bd56d3112a05dbe41de9b7550e8ebfbee656e33fa9c852dc0082a14d7a1df

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.us.criteo.net/img/ Frame C9A8 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F65947%2F200117%2Ff16c04a00e9e4da59158962917a2f40e_aed_us_logo_new.png&v=3&w=196&rid=4&s=yIx6PY9bXQLaC_z5beOd4U0x
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4597a77c1db9dbd0a33684ebdce638203a1359ef4bae7fd819b813bcc2daf382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13682
expires
Wed, 09 Oct 2024 00:31:43 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fm%2F5%2Fm5073a-3t-1.jpg&v=3&w=400&rid=4&s=sfCRjhYNFQpKoc_LD1hc-qCw&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0169437956aa765bb12f74e618d7862f422b2d03cd60ae6a1f5a3d0d82a4e745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4622
expires
Wed, 02 Oct 2024 09:15:51 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-infant-manikin-carry-bag-4-pack_1.jpg&v=3&w=400&rid=4&s=rhOWLnbBoq0nBGbL5WA9XpOf&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dd1a3c12592bcfb23523a42abbc48c66a355cadcafbb234e8bba87eef2f6cc82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8038
expires
Fri, 04 Oct 2024 01:59:12 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-professional-child-dark-skin-head-assembly.jpg&v=3&w=400&rid=4&s=ZHiKh3CwLevvrwMYQd6v1dEp&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b2ddba2747cb391af2f19c7d4e30258d4c3fc9e78d28808b141ba13b65438606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4124
expires
Wed, 02 Oct 2024 02:52:00 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-professional-adult-medium-skin-head-assembly.jpg&v=3&w=400&rid=4&s=uQ8YzjLZDdaOq_mya48AMcJa&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dee4990543958ba68e658ea4b5f2350b45778242448a4cb6150d5670a9adb478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3766
expires
Wed, 02 Oct 2024 09:10:48 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fc%2Fa%2Fcardiac-science-powerheart-g5-adult-intellisense-defibrillation-electrode-pads.jpg&v=3&w=400&rid=4&s=QRs6KmQIpVacuyiim0jEPNsi&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
25203d9e24924be10eb685e1464ba9674db3f0694d281ca9fa4fa9c295c0c650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6126
expires
Wed, 02 Oct 2024 05:02:05 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-professional-adult-jaw-thrust-manikin-head-medium-skin.jpg&v=3&w=400&rid=4&s=3OuWc5HT-s12aU7Mj8TYMao8&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
437e6a843b5eca8d0a597d6acfd1402ce2051a4cd5571ffd40c30774722fa803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4268
expires
Sun, 06 Oct 2024 01:03:07 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fz%2Fo%2Fzoll-pedi-padz-ii.jpg&v=3&w=400&rid=4&s=24pSjC7Kg1PbYcU4ZbzPnlRn&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
11eea7e45a8b985f966fe436afeb2f51b83215ea07616ed0b336c976477ce06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9756
expires
Sun, 29 Sep 2024 00:15:53 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-series-2000-professional-adult-manikin-add-on-kit.jpg&v=3&w=400&rid=4&s=QgQgEPpVIx0XwDaAYjeRB1PB&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
70db5b9348916a1a5fc1fa55777f1598c05504d60fca514e68a250fcfe8d28b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7352
expires
Sun, 29 Sep 2024 00:55:29 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fz%2Fo%2Fzoll-stat-padz-ii.jpg&v=3&w=400&rid=4&s=B-IAeDYePCV7RaRvvfwN3fz9&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
43efec7f1527f96e1aa0ec3ebe52296866320bda96fc126b68c79f6d8f4eb95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7866
expires
Wed, 02 Oct 2024 07:41:01 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2F8%2F0%2F8000-0807-01.jpg&v=3&w=400&rid=4&s=k-bMGbjxtN9ZYgX8ejqCdQfi&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
035aa5d11e5faaf0793aa73c7d81e3ea4e0f2437e49a71c6b93c6f534b14d433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
11250
expires
Sun, 29 Sep 2024 00:26:04 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-ultralite-manikin-torso-assembly.jpg&v=3&w=400&rid=4&s=PH-1yW9m45w737dtMKOjO1Px&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1c5e06289f4fa63c0018d47707d8d08dbd9a8c1c3db8207502c75711326cf097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2976
expires
Wed, 02 Oct 2024 03:08:28 GMT
img
imageproxy.us.criteo.net/img/ Frame C9A8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65947&q=80&r=0&u=https%3A%2F%2Fwww.aed.us%2Fpub%2Fmedia%2Fcatalog%2Fproduct%2Fcache%2F07f6eb4414d448c59d4d684be7e50acb%2Fa%2Fe%2Faedus-prestan-professional-collection-manikin-blue-carry-bag.jpg&v=3&w=400&rid=4&s=cNbGUoMUoCp63iuUVg6cdAhm&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e9290a7aa4dcfa7ce562ea45d98422de57ebe799036d069d4fe4e75ee036d2f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7988
expires
Wed, 02 Oct 2024 07:39:59 GMT
all
csm.us.criteo.net/ Frame C9A8 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=AkTp1y8Gzj_cykx7JcVfB7oaDGO0MRtWq49bDUyD_PUxY2QnytvcRCxf4Se-THfJUeatadSNJDY9W1vDjFLNSfMsnBRKcdY8CGb2XdiFUNEP2JAche0zZh47kaSgZ83VEuYrrg3hd5JF5jsgSHNlzvDvY5sBcqwo1ac1UWYbBnjuz0SZcN6AOsR1ymN1Km6vV37oKypotLKE5kYrROZpGAymprmYTzVD09-2IVvcln5LRHR9OE4HtmS-yj7HcBBD-lJQFQ&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C9A8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C9A8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
truncated
/ Frame 6BE5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fefd57c0feb7d046c14d05d213bf2297c327f3182fee123ed89fa8bfe554b7ff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v12/ Frame 6BE5 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/secularone/v12/8QINdiTajsj_87rMuMdKyqDiOOg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9b6e9c868ee773f8ae051969af0dcc62e6d7ec2b6e961eb3e46e17056f4ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:31 GMT
x-content-type-options
nosniff
age
345028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19384
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:55:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 19:14:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6BE5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:10:47 GMT
x-content-type-options
nosniff
age
597252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 21:10:47 GMT
truncated
/ Frame F1C5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf242ced2a749ec13a46b60fa8e1d8376f9986761c25c174919cc6fe6678a745

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v12/ Frame F1C5 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/secularone/v12/8QINdiTajsj_87rMuMdKyqDiOOg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9b6e9c868ee773f8ae051969af0dcc62e6d7ec2b6e961eb3e46e17056f4ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:31 GMT
x-content-type-options
nosniff
age
345028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19384
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:55:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 19:14:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F1C5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:10:47 GMT
x-content-type-options
nosniff
age
597252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 21:10:47 GMT
rtimp
g.rtbrain.app/ Frame 6BE5 		0
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8c47bf-7da0-11ee-98cd-1e2147aed323&d=pt.ldplayer.net&cr=carmax1__0&gid=&a=vw&p=ZUqKWgAFR7gE0ZqnAAzoY_jofYd9FvVWWXfouA&r=1944632577&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=9194752524&adk=1152246836&adf=2339930572&pi=t.ma~as.9194752524&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897694&bpp=1&bdt=1211&idt=458&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=SQYeXitIve&p=https%3A//pt.ldplayer.net&dtd=463
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=CLik5KzKsoIDFaea0QQdY-gM1g&_et=690&tfd=3685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=CNWs5KzKsoIDFVkOTwgddTUBWQ&_et=1&tfd=3694
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=4&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=CKmn5KzKsoIDFQGO0QQdnZMOFA&_et=2&tfd=3697
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 422E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abb466d690ea4eab8d1e37002acc314c832e0ba867f3d7978645032db4fdf029

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v12/ Frame 422E 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/secularone/v12/8QINdiTajsj_87rMuMdKyqDiOOg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9b6e9c868ee773f8ae051969af0dcc62e6d7ec2b6e961eb3e46e17056f4ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:31 GMT
x-content-type-options
nosniff
age
345028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19384
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:55:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 19:14:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 422E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:10:47 GMT
x-content-type-options
nosniff
age
597252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 21:10:47 GMT
rtimp
g.rtbrain.app/ Frame 422E 		0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8bf8b5-7da0-11ee-8c29-0ad2e3072c3f&d=pt.ldplayer.net&cr=carmax1__2&gid=&a=vw&p=ZUqKWgAFZFoE0aHFAA1edTn225MF4FEn2SqrZg&r=768461936&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=7881670850&adk=197933115&adf=2948317989&pi=t.ma~as.7881670850&w=346&lmt=1699383898&rafmt=11&format=346x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=480&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1054&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&xpc=NMCL1lDPCt&p=https%3A//pt.ldplayer.net&dtd=483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
montserrat-v25-latin-800.woff2
cdn.8proof.com/assets/fonts/ Frame 2C08 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/assets/fonts/ Frame 2C08 		0
0
setuid
u.4dex.io/ Frame A0E9
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LOOPANM3-1W-DN8V
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87cd4104b334675e13feb86f1a1ad5cf
Expires
0
truncated
/ Frame 413E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c04cfb87f2ee744ebb8686426c5f9c6c5af6e5a321a25c8498f071df7c302520

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v12/ Frame 413E 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/secularone/v12/8QINdiTajsj_87rMuMdKyqDiOOg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e9b6e9c868ee773f8ae051969af0dcc62e6d7ec2b6e961eb3e46e17056f4ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:31 GMT
x-content-type-options
nosniff
age
345028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19384
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:55:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 19:14:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 413E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:10:47 GMT
x-content-type-options
nosniff
age
597252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 21:10:47 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=CNrd5KzKsoIDFcWh0QQddV4Niw&_et=94&tfd=3793
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=6&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=CJOi5KzKsoIDFUyNdwEdNHYBcg&_et=2&tfd=3796
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/ Frame 855A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
80630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 20:41:09 GMT
etag
251720774729838433
expires
Mon, 20 Nov 2023 20:41:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A239 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40905876&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
958bfe42948f047b7ee4d0dcaf1028b84710a5639d8db15121a8bff7cf700ddf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 07 Nov 2023 19:04:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtimp
g.rtbrain.app/ Frame 413E 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b94d383-7da0-11ee-9945-122c4ef4f9bf&d=pt.ldplayer.net&cr=carmax1__2&gid=&a=vw&p=ZUqKWgAFRpMBd41MAAF2NGNHW7OgzMsna1m4MA&r=1046700276&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=600&slotname=3380315885&adk=382898203&adf=4237291121&pi=t.ma~as.3380315885&w=200&fwrn=4&fwrnh=100&lmt=1699383898&rafmt=1&format=200x600&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897686&bpp=5&bdt=1204&idt=393&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=8426645240781&frm=20&pv=2&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-20&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=Tk2nKZlr5y&p=https%3A//pt.ldplayer.net&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
setuid
prebid-stag.setupad.net/
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_con...
  • https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&f=i&uid=5030548864787626141
86 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&f=i&uid=5030548864787626141
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfOXcBQCQ4CpqiRDkLQ7VJ0%2BMXZ8vHKw8EO9GDGjLAddEw3idHFOSlVaVEvRkUcEDIuGH2E6EK857akm%2B6NycUWKKPlN%2Bdbbsa71Llhx%2F9bHSS%2BN4VB6zMECS3f03scBFhPMv7vNrKWe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
8227d85e4ec25c6d-MIA
content-length
86
expires
0

Redirect headers

location
https://prebid-stag.setupad.net/setuid?bidder=smartadserver&gdpr=&gdpr_consent=&f=i&uid=5030548864787626141
date
Tue, 07 Nov 2023 19:04:59 GMT
content-length
0
oswald-400.css
static.criteo.net/design/googlefont/oswald/ Frame C9A8 		2 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f083-639"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
oswald-700.css
static.criteo.net/design/googlefont/oswald/ Frame C9A8 		2 KB
801 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/oswald/oswald-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b6d163f6ac847d2ae411128f4a3b9397034b109bff2bfd4db86182761eb1bbd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f084-639"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
setuid
px.ads.linkedin.com/ Frame A0E9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOOPANM3-1W-DN8V
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6AA58A6C5FCC49DF964F1150AA8F75DD Ref B: MIAEDGE1522 Ref C: 2023-11-07T19:04:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJlKWuBBMvaCzg6UKlLQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOOPANM3-1W-DN8V
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A0E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo8NiaDlGzb5EhFWPgABLQ&google_cver=1
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo8NiaDlGzb5EhFWPgABLQ&google_cver=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo8NiaDlGzb5EhFWPgABLQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A0E9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9PUEFOTTMtMVctRE44Vg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKuvk-P0K2Fhh2gaDG8P9qs&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9PUEFOTTMtMVctRE44Vg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9PUEFOTTMtMVctRE44Vg==&google_push=
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9PUEFOTTMtMVctRE44Vg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
ecm3
s.amazon-adsystem.com/ Frame A0E9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sTYZsXRXT4mWhWrlwAZkrA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sTYZsXRXT4mWhWrlwAZkrA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sTYZsXRXT4mWhWrlwAZkrA
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:04:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7KAWXC6AYKH25YK6VH2R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sTYZsXRXT4mWhWrlwAZkrA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A0E9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU4M2QxZGRkODRhZjU3ODdkMmFmMDk1MjYzYzBmNTNiMDlhOTgyZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU4M2QxZGRkODRhZjU3ODdkMmFmMDk1MjYzYzBmNTNiMDlhOTgyZA
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWU4M2QxZGRkODRhZjU3ODdkMmFmMDk1MjYzYzBmNTNiMDlhOTgyZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A0E9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IflcncUcTpGEiSbwC39oBQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IflcncUcTpGEiSbwC39oBQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IflcncUcTpGEiSbwC39oBQ
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
970YJBW27KK0GGV3ETAE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IflcncUcTpGEiSbwC39oBQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame A0E9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame A0E9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Nqb9teZ4RXBPfoTay9f-mMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-h.v66FxE2oIFikz4Hgte7yvdhU349jjb.BeIDw--~A
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-h.v66FxE2oIFikz4Hgte7yvdhU349jjb.BeIDw--~A
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-h.v66FxE2oIFikz4Hgte7yvdhU349jjb.BeIDw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A0E9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG1Qk7KlRUAABik1x1ecw&expires=30
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG1Qk7KlRUAABik1x1ecw&expires=30
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG1Qk7KlRUAABik1x1ecw&expires=30
Date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame A0E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOOPANM3-1W-DN8V
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V&ripv6=2001:550:1d05:1::6
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V&ripv6=2001:550:1d05:1::6
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
3.162.125.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-73.iad61.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

date
Tue, 07 Nov 2023 19:05:00 GMT
via
1.1 c1cecf43ad8e18f031edf5229ce4289c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD61-P3
x-cache
Miss from cloudfront
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V&ripv6=2001:550:1d05:1::6
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
b_EmfeDUxQKbUs8no9ACiuoGfDscfzpsk92fkLpPqqDzNWI7Ui0JrQ==
cksync
hb.yahoo.net/ Frame A0E9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOOPANM3-1W-DN8V&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOOPANM3-1W-DN8V&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NamxyZE90RTJ1RjZlUmp6WjhONy5tdVFnUzBSV0dGTn5B&ovsid=LOOPANM3-1W-DN8V&dpid=58160
53 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NamxyZE90RTJ1RjZlUmp6WjhONy5tdVFnUzBSV0dGTn5B&ovsid=LOOPANM3-1W-DN8V&dpid=58160
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
23.223.209.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-209-211.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 07 Nov 2023 19:05:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 07 Nov 2023 19:05:00 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NamxyZE90RTJ1RjZlUmp6WjhONy5tdVFnUzBSV0dGTn5B&ovsid=LOOPANM3-1W-DN8V&dpid=58160
date
Tue, 07 Nov 2023 19:05:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame A0E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
43 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
68.67.160.132 Fairfield, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
an-x-request-uuid
68a0a2cd-a02a-440b-88fc-3668025a8314
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame A0E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOOPANM3-1W-DN8V
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame A0E9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOOPANM3-1W-DN8V
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOOPANM3-1W-DN8V
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame A0E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LOOPANM3-1W-DN8V
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:00 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
v1
match.sharethrough.com/sync/ Frame A0E9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOOPANM3-1W-DN8V
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Server
18.210.186.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-186-30.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 08 Nov 2023 19:04:59 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=206152545&si=aa0a06ebcdfcfd94c5414b413ad87eb2&v=1.3.0&lv=1&sn=61350&r=0&ww=1600&u=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&tt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:04:59 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
css2
fonts.googleapis.com/ Frame 855A 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 17:35:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 855A 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 19:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
84215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
15318980762987274547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 19:41:24 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 855A 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 18:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
3374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8785
x-xss-protection
0
server
cafe
etag
17726888854999048520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 18:08:45 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 971D 		49 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fpt.ldplayer.net&client_id=723035348968-85quvmssc66rdbnucgh7esn6i4i5nfn8.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.xoYXOOVhhcA.es5.O/am=CAM/d=1/rs=AOaEmlHxRq1JAtnffqzOG8FniVoVTUcLGQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200d Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-BClr8ihPAM-QLt9hDDRpNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-BClr8ihPAM-QLt9hDDRpNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
x-content-type-options
nosniff
date
Tue, 07 Nov 2023 18:18:57 GMT
content-encoding
gzip
age
2762
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 07 Nov 2023 19:18:57 GMT
rtimp
g.rtbrain.app/ Frame 6BE5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8c47bf-7da0-11ee-98cd-1e2147aed323&d=pt.ldplayer.net&cr=carmax1__0&gid=&a=imload&p=ZUqKWgAFR7gE0ZqnAAzoY_jofYd9FvVWWXfouA&r=1944632577&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame 6BE5 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXQXgWopKZbiPFae1xtYP49CzsA2Lv4iuZvG66fX_DsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQmoAwHIAwKqBJgCT9C9-B7J7odE11xyufRJfhkCP8QKXS7YlBf_Mmk6MPFBX6_gF7TcH4zVV3VDNOOlWQoItMMZ0E8oA8u0OQeroVXn3dvmNX7IlJbymWaxAzTRXMpFn679G068kKm_aYtsYu5Et4icge40BPvCOk9pN9Z1CQdB0AX1rZiyXy1mWZvk_g9HFDwrY-chohRlQdIyTKTRWcYX_Pru1exM12z3u4f91UJPO0ur8f34itZfKALGe62LOgLzHu5nn9BgCjtPtwIJ6gI4pC4NmSq9bpNtlr8sYyqhSPDfxFReqovSx81EuiZ_Shis93tVtT-gcHntRBPXa8FeT6vNbU_SSrEoOz6AHda-Jk_VW3-oh8sCGc11AZTOm8eMGYAG_pSpzuSgs8XsAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=Jn6cv0mAY6M&uach_m=[UACH]&cid=CAQSTgDICaaNxmi856zTUdwQuYLPMf0keso7IExILtIOrufFkKtztk1mAYaMPtXEGMnGls8FgJarkRj5-X4ZnsvyaZyZlRs8Hsl5sCxGU8uMhhgB&cbvp=2&vis=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.rtbrain.app/ Frame 6BE5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8c47bf-7da0-11ee-98cd-1e2147aed323&d=pt.ldplayer.net&cr=carmax1__0&a=imp&p=ZUqKWgAFR7gE0ZqnAAzoY_jofYd9FvVWWXfouA&im=x34uJuTngYGIDaXuyG9dgNv25KY-4F-OmcQbRokh2bUihoTOl2MXXLX2M-Lavp3z0aXWRkynHkj2VU936uKxmeD5DVasgIkNVOSRAl4minb3VMFwLLHo1JQi1aq3ILJOjkxUT7kPkPpwq7LIJKQIHJPV3LBcgcnJzCywn4N745c1gf4P-RNIPoKmZ0l-QCtvRtPe-akol4lzMEz-EJAomWrLc-iezKfKLx00xJQE74u1HjpsdL7OfQZINP2HOkv8xvi-OaRlg9khmvHKZRU7X0_jvYAqGdHC55zIrlcp1g-dWMLJfSbi9XgRO-pBt_4nktpkXHnhTzUxQHNd3bqi_BBkDJLIYt7qOWXTppmJpBA&cbvp=2
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.rtbrain.app/ Frame F1C5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8d2d9d-7da0-11ee-8ae9-6a0c075e9f3d&d=pt.ldplayer.net&cr=carmax1__2&gid=&a=imload&p=ZUqKWgAFS9UITw5ZAAE1dQ6mKl6_PG6dV5PkQQ&r=1791243346&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame F1C5 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1UK1WopKZdWXFdmcvPIP9eqEyAWLv4iuZvG66fX_DsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQmoAwHIAwKqBJ4CT9AqxWhNwZN1gW2muJtQX7JWuzQDryM0C1own8R8ftnUsjWjBE6_hxZ6hmj7HQMBMzB9v7qeCJWEDOceIyF2r5marMQaHzUKhjfU8j59DN0Y1VXHHAAHBiCZSK2PuymCmPjC0Yk0CSkGLXPsvOn5ScAtuNQnaz3jqPJ3QtuZjCxNkq3FEzMHf3sSL_e_T7EZ1OUPKLiMXP234kdfK4CrphtSPLZkMQEkfixhXox1K2ezdlnFXSeSOt3XNZmPYJraDYO4aLwUMQOko8sxbYW9lYijhLgV_GrUE8-QDO9DQWr9vZ085wbPpUjff5C1LFt8Iiw3Kh7eVL9ZiM45cmZq3bc4QUXfVAtr1ECPUGzKGHSlC2xFhIrBYfNpsCZTdoAG9vb3j_iyl9ecAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=2_uYrYTg480&uach_m=[UACH]&cid=CAQSTgDICaaN7BtaLV5F9_hmWIXeOk_z5WSSZWZ721o8R5ki5zTAhzLiu3_Vf8maYFeARe5SIgy5p7W2d3rylmYPKDKaiEJQKxVRJuw86lO3LBgB&cbvp=2&vis=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.rtbrain.app/ Frame F1C5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8d2d9d-7da0-11ee-8ae9-6a0c075e9f3d&d=pt.ldplayer.net&cr=carmax1__2&a=imp&p=ZUqKWgAFS9UITw5ZAAE1dQ6mKl6_PG6dV5PkQQ&im=GMRH7tSOZyG7YgNzTojsTTIy8dnk85KZTU6fYtVRiLiaWSTYoNzhLKDzFjeD-tsIeOMuh3nzYFpVaGBjrONCE9mRVjRpQ0H6pe3Jlbg_KZZb7Kv4ipWNmMExuQm_8BvHFBIwxAPxL_tdmS82TAYfoozcrLFALROZLhMQDzDb-68vUBqhFmEF9_Ho3_UiE1P9QuvH-xm9ED8sYavtVhwIAo3qwixWu-EX4Q4mR7BSIYWbMwywF6qWAkftlPRr_9M3APydNVdY9sGF2Y6oj3iZZWbwAG9SoaSHLdZCRP1Gr_9kuYGkXVN23WnubMJgRI_MBJfpW2QFpIrhRvCHr2ETK4sihY8XNJpovsjopqTMOtg&cbvp=2
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
oswald-400-latin.woff2
static.criteo.net/design/googlefont/oswald/ Frame C9A8 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/oswald/oswald-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f36c7d76fdd5fe543f05e07db9ef6c2f3010bed4ab9960b6af9af269d75ecfaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f083-2670"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
oswald-700-latin.woff2
static.criteo.net/design/googlefont/oswald/ Frame C9A8 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/oswald/oswald-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/oswald/oswald-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
af2040fdd460a647ab55faa3597a714dccaed4bd3eda8f4ed7c9aede9cf99ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/oswald/oswald-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f083-27bc"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Nov 2024 19:04:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4D54 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3jXNWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEoAJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-Q9talnoIJ8XnoZEx3fRS2mmcoomoloOP5c4b7CMVblGVoWU_mGABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=3jWHUWZzDSQ&uach_m=[UACH]&cid=CAQSTwDICaaNC71YEzc-NtkqEijyZvt7qfPh3ZlQbLkTC2EQB_vzroFQ8cAdeQMz4k2pA7LFP9av2AYtJMWyrwLGYdDN51hhdqpHwkRPX8367zgYAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.va.us.criteo.com/google/auction/ Frame 4D54 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=krWSDM36RKoGmALiIp0XAgAAAKjIJG_IpGes6TbYZxBaikplE3pIx1MKFVK7QQAAEgAACgpBUVVEQ2dFQkNn&wp=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
198021
server
Kestrel
content-length
0
rtimp
g.rtbrain.app/ Frame 422E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8bf8b5-7da0-11ee-8c29-0ad2e3072c3f&d=pt.ldplayer.net&cr=carmax1__2&gid=&a=imload&p=ZUqKWgAFZFoE0aHFAA1edTn225MF4FEn2SqrZg&r=768461936&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame 422E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFi5XWopKZdrIFcXDxtYP9by12AiLv4iuZvG66fX_DsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQmoAwHIAwKqBJgCT9DvQoZpxCBdFptkKrvgJCsL69t_kIU7hHzmF62PIqpKMVh6WagDeO4DwusOJr-e2FWFS3Ln_RjdLJ8iYENdlULtkKxJlZ44fkQp4Bta4hvqn7t7FWi_J_GbU_o9qxkPf3SDux2OuC9ksZWMEZXskCxPMTRhhC563ctvK2OdsRMX7Qk7f1n8ZCfFZtgs8XS02JMp7cTySbbxz47TO-mPfbcSWHkGR88FPJP2ozM0k7PtXssPUmG03nxHBlOJxd8XSDok-w0sB7tIVwA4YtE9P86ULckNk8etQfT1dyxKEDWCwI1mPjRTm7i4r2w2vu2Z5O98GP9m8mZ9lx4OyiBanEnZgDhOuAes0N-cM2Di2jnNkNMPv708MIAG9vb3j_iyl9ecAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=0QrZ2GegkWQ&uach_m=[UACH]&cid=CAQSTgDICaaN5ydz_3SY3MlvLyTQTnFm6tRmd60C8esxFtIgCcd3gnXy9tE00QgLo-UQRdTnZ-_YBCFA_BBgGZ6zCrVrgkRe401l2CSyd7-HhhgB&cbvp=2&vis=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.rtbrain.app/ Frame 422E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8bf8b5-7da0-11ee-8c29-0ad2e3072c3f&d=pt.ldplayer.net&cr=carmax1__2&a=imp&p=ZUqKWgAFZFoE0aHFAA1edTn225MF4FEn2SqrZg&im=tUIV-EH2t_hvQFjefd7i8uldjLpw4Le4Tt0UEuTz9T9tIYPUm5WGu9WA9iI6HPveRvrxF14My_GvpFKnqD90XZhs11vmkaI99nLkR7UYGspoYjk9ab6bmMLmthGH-B6jlsf8IHsIdYNGujlFbrEKsUeNeaLtdBetQz_nJIFZDRHRfRQid3ZD0aKjf8fQrM5RdqVdeZAltsqa-Pmg_GVgximwmW4bkDxNXSm6PlDWk8TVHhcUY2alGY7_4ZPlnKAC4WUiuaxla62VCsLtcTQthAasolM3xIPska0RIWBgKc-bJDoWVJr0V3y_tZjx3Jed2boZTuRRmpOOL8fqq61ugOSpYK0gLaF2d6AC0ACkirY&cbvp=2
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.rtbrain.app/ Frame 413E 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b94d383-7da0-11ee-9945-122c4ef4f9bf&d=pt.ldplayer.net&cr=carmax1__2&gid=&a=imload&p=ZUqKWgAFRpMBd41MAAF2NGNHW7OgzMsna1m4MA&r=1046700276&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame 413E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuFgdWopKZZONFcya3rsPtOyFkAeLv4iuZvG66fX_DsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQmoAwHIAwKqBJ4CT9AylwxLmjASQVA4Nfz26odpHMsjuBseedZHC86ubSlp0saHKKEC8wDYY-PQL5c8H2sUAaMFv4PM7Xx7YeTKh1hClXrUGccSsptBP8eOOWCKj4Bf0cVSSzVM_3nRG8xF5zVa0yQ5FMEK2g_3RspvJvDtVMpysCyDocbgVcoQV6ITX_zz74IDrLZdSYx0RKSZ3dd3mW8Wk0sch-mTC2eozIwXYMpIP33XICPBPwwJyqL4qXFCIjWKsNCY5oJvSqKS8e5SX3rMF9Kgj50epLyrPYYHFdyD0b81SBvMUfICKiKeYZeXUmdpvNx3r-aNOLpqAb2W8oMag7fiRPKF8GSVfUewNLQP5VlgQASJxd3m6fUIiVskCdbtFcQAtcoww4AG9vb3j_iyl9ecAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzU5Mzg2MTU4MzcwNzMzOBgA&sigh=9bCwpqbkp7o&uach_m=[UACH]&cid=CAQSTgDICaaNYZdgI-Gd5DbspzqMjdHVncDbqaTZy_KP3Ag0VW_9nFOv7-p_2ns0GzMujiXhk-FTev4e8JJL18ceWT3Um1bzRLqe78H0czqeGhgB&cbvp=2&vis=1
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Nov 2023 19:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.rtbrain.app/ Frame 413E 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b94d383-7da0-11ee-9945-122c4ef4f9bf&d=pt.ldplayer.net&cr=carmax1__2&a=imp&p=ZUqKWgAFRpMBd41MAAF2NGNHW7OgzMsna1m4MA&im=rL7p9yWf6U9p4ZLtN-DjXXykSoxNFg9tS0yiqWo4hJgEJUEo_QJ0EZ29fOgW66fVAWRBsyT6GDk95cjWLjrwhbFggRuqMuaSjp4pHqdNiq24AtLxKTQa0CXdXGk4AW0vTl8UkJWM_FAXasTYvWpPTlzJ9xNNJa-9Hx978TLLTJOmIvysYCP4TPqY054gxLZCwTYzbGmQXzYqT2adnldV0sWyEhx45RauDqdZK04k4L215vtgbHDnbfUx6wwFzS2dUdU_S5HNKYCaGcDvL0H8xx3TVnvivdlSUIRL3gWy0wVwx2YqV1EEGIyRbdCwXQdxtVbQE3CZe70a-pmhJf_0q47M0LV6uQJdFyM1dbdvh1s&cbvp=2
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
container.html
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:04:59 GMT
expires
Wed, 06 Nov 2024 19:04:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=7&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=COudlK3KsoIDFeqjgwgdDLAB3w&_et=356&tfd=4153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame CC63 		849 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.83.76.39 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
d072c1178f00bf45b975595c8078dbda43ed2fd26325bb2ae761a6cb56f71fff

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
849
content-type
text/html
date
Tue, 07 Nov 2023 19:04:59 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2136313076&si=4ad6f2b6e43a838f496dedc942199563&v=1.3.0&lv=1&sn=61350&r=0&ww=1600&u=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&tt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:04:59 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
dcm
s.amazon-adsystem.com/ Frame 848F 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:04:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NHN1SSF2MZXEXQW2Q3ZD
Pug
image2.pubmatic.com/AdServer/ Frame 010A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFQVkwN0tsUlVBQUJnWVNKcFVBQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEAY07KlRUAABgYSJpUAA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEAY07KlRUAABgYSJpUAA&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEAY07KlRUAABgYSJpUAA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3881927734840604943&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AAEAY07KlRUAABgYSJpUAA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D3881927734840604943%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=3881927734840604943&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEAY07KlRUAABgYSJpUAA&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEAY07KlRUAABgYSJpUAA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 07 Nov 2023 19:05:02 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEAY07KlRUAABgYSJpUAA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 99BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8535176339462545458&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8535176339462545458&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 10:40:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
29455f75-3559-43ac-b52e-1a044d42b226
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8535176339462545458&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 121C 		85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 07 Nov 2023 19:04:59 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760031-MIA
x-timer
S1699383900.796425,VS0,VE26
141
match.deepintent.com/usersync/ Frame 2214 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Tue, 07 Nov 2023 19:04:59 GMT
server
a
Pug
image2.pubmatic.com/AdServer/ Frame 1F61
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:04:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 07 Nov 2023 19:04:59 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
bridge
cm.adgrx.com/ Frame 34CD 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.83 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 07 Nov 2023 19:05:00 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
sync
x.bidswitch.net/ Frame AB10
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a2f84e17-eabd-4b63-ae9f-0af633f7c096&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a2f84e17-eabd-4b63-ae9f-0af633f7c096&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=86adf3bc-f61d-4c58-82e9-c095d82e2d82&ssp=pubmatic&expires=30&user_group=5&bsw_param=a2f84e17-eabd-4b63-ae9f-0af633f7c096
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=86adf3bc-f61d-4c58-82e9-c095d82e2d82&ssp=pubmatic&expires=30&user_group=5&bsw_param=a2f84e17-eabd-4b63-ae9f-0af633f7c096
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:00 GMT
Server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Nov 2023 19:05:00 GMT
Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=86adf3bc-f61d-4c58-82e9-c095d82e2d82&ssp=pubmatic&expires=30&user_group=5&bsw_param=a2f84e17-eabd-4b63-ae9f-0af633f7c096
Pug
image2.pubmatic.com/AdServer/ Frame F63D
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567267103198
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567267103198
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 07 Nov 2023 19:04:59 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810316567267103198
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame FB43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NdFSG_awX7d9lWW1RwkgoSaEdkM&gdpr=0&gdpr_consent=
42 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NdFSG_awX7d9lWW1RwkgoSaEdkM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:04:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Nov 2023 19:05:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NdFSG_awX7d9lWW1RwkgoSaEdkM&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1802
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8USqmKUP1R0rnK5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8USqmKUP1R0rnK5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Nov 2023 19:04:59 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8USqmKUP1R0rnK5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-0ef7a7031d5740d86@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame E9E1
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=bde329a8-225d-46fd-a117-303b5fe92031&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.166.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-166-52.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:00 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 07 Nov 2023 19:05:00 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
widget.eu.criteo.com/dis/ Frame F4A9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:05:00 GMT
expires
Tue, 07 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
208271
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0

Redirect headers

content-length
0
date
Tue, 07 Nov 2023 19:04:59 GMT
location
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server
Kestrel
server-processing-duration-in-ticks
248794
strict-transport-security
max-age=31536000; preload;
i.match
s.tribalfusion.com/z/ Frame E39B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8227d85f69ef67da-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8227d85e6fee67da-MIA
content-type
text/html
date
Tue, 07 Nov 2023 19:04:59 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1155
Pug
image2.pubmatic.com/AdServer/ Frame D546
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd9f478c13e074b899e9772f33fa9186e
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd9f478c13e074b899e9772f33fa9186e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:04:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd9f478c13e074b899e9772f33fa9186e
pragma
no-cache
server
nginx
pubmatic
ad.mrtnsvr.com/sync/ Frame 085C 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 539F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Nov 2023 19:05:00 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
setuid
u.4dex.io/ Frame 15B2 		0
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Nov 2023 19:04:59 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ucABW1t9TCG0WIn0Gu6iGg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=135565
accept-ranges
bytes
content-length
5606
expires
Thu, 09 Nov 2023 08:44:24 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A239
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:00 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

date
Tue, 07 Nov 2023 19:05:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame A239 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20B9C0015B-5B7D-4C21-B458-89F41AEEA21A&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame A239
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 07 Nov 2023 19:05:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 07 Nov 2023 19:04:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjlDMDAxNUItNUI3RC00QzIxLUI0NTgtODlGNDFBRUVBMjFB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:04:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDRsMHxHXBIZM65na8PTg8w&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDRsMHxHXBIZM65na8PTg8w&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDRsMHxHXBIZM65na8PTg8w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7
42 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:04:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Nov 2023 19:04:59 GMT
generic
match.adsrvr.org/track/cmf/ Frame A239 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CvgqiY9E2uWHgw2jXs8MA4NTd7NN67w-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CvgqiY9E2uWHgw2jXs8MA4NTd7NN67w-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CvgqiY9E2uWHgw2jXs8MA4NTd7NN67w-~A&gdpr=0
date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
B9C0015B-5B7D-4C21-B458-89F41AEEA21A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A239 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B9C0015B-5B7D-4C21-B458-89F41AEEA21A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:14c3:cc7e:2a56:2ee8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5b0b922c-4fcd-406b-ad52-cec24283a804&gdpr=0&gdpr_consent=
1 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5b0b922c-4fcd-406b-ad52-cec24283a804&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 11:03:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5b0b922c-4fcd-406b-ad52-cec24283a804&gdpr=0&gdpr_consent=
Date
Tue, 07 Nov 2023 19:05:00 GMT
Connection
keep-alive
X-CI-RTID
8bb64079-ba06-4e30-8d71-7408fa891621
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2f1c272eaad813b2&is_secure=true&networkId=17100&version=1&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG_03d9j3tdANG9AvfAAAAAAA&expiration=1699470300&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&...
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG_03d9j3tdANG9AvfAAAAAAA&expiration=1699470300&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:04:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG_03d9j3tdANG9AvfAAAAAAA&expiration=1699470300&nuid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame A239 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.82.133.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-133-217.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame A239
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CAB_10BC9ACF0_6CFAB714&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
165.254.203.172 , United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-382388700; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:04:59 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-382388700; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 07 Nov 2023 11:02:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 07 Nov 2023 19:04:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A239
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6341650345889727555
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6341650345889727555
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 11:03:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6341650345889727555
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
css
fonts.googleapis.com/ Frame D305 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 17:27:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
css
fonts.googleapis.com/ Frame D305 		1 KB
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 17:28:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Nov 2023 19:04:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame D305 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame D305 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D305 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:59 GMT
bl-34df212-e9e0301c.js
tagan.adlightning.com/setupad/ Frame 2C67 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-34df212-e9e0301c.js
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-99.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a79239acbd722003ea398bb364df76ced1cd338aa84bfe76ecc31888cbf96f18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 17:05:21 GMT
content-encoding
gzip
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
x-amz-version-id
2qLb_vBfhH97dVK8osvrkcQwH6PDC_6L
x-amz-cf-pop
IAD89-P2
age
7179
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
23733
x-amz-meta-git_commit
34df212
last-modified
Tue, 07 Nov 2023 17:01:50 GMT
server
AmazonS3
etag
"2c5d129a05d0ccce4927198f43a35113"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HIJgjrK0NimdtYgRvnpcYQNh8unm38UCb_oWt9aZYTp8t7MYxHXh6A==
b-935e2f1-22fd8186.js
tagan.adlightning.com/setupad/ Frame 2C67 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.76.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-76-99.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 08:04:55 GMT
content-encoding
gzip
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
x-amz-version-id
TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop
IAD89-P2
age
39605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27763
x-amz-meta-git_commit
935e2f1
last-modified
Tue, 03 Oct 2023 14:25:23 GMT
server
AmazonS3
etag
"7164aeb4f3f79e485a778007d9bf2ade"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CVI8ID87x97wkq12NqmQqby4h71YQko5Zj_9MFy-1eZTFACUFHE1nw==
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 2C67 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 13:59:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
18336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8543
x-xss-protection
0
server
cafe
etag
18034338113832500900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Nov 2023 13:59:23 GMT
l
www.google.com/ads/measurement/ Frame 2C67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGb5oW2sH7m-q_pxkXl8ZCkqcXlWOhWUjVwk5gP5anAb2DQ2YP63bJBMv9LCYn41SHQ4FwjjBB8MqnrLUyFiLmvqzZQQ
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2C67 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 07:46:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
559105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Oct 2024 07:46:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C67 		190 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61127
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699274420466708"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 19:04:59 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57&gtm=45je3b60v890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=8&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&en=ad_impression&_c=1&ep.query_id=CKqt5KzKsoIDFXIGTwgdf6UEJQ&_et=252&tfd=4409
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59PCK5ER57&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5111
8proof.com/app/rtbmarkup/ Frame D7E4 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8proof.com/app/rtbmarkup/5111?id=667055347494&ctd=10034&crid=3265&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzBIXW4pKZauECOrHjvQPjOCG-A36j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQngAgCoAwHIAwKqBN4CT9B68xkcOn9JFjhUQ0gp0lUFddAuyam2ntX0UO9K3ChAMdWMJboS0ujXvurd4SKRb5U4IDeOcYAGknsE5PAvMJTqnInmiAHU30M-IkK34LFgn_mfHO8l6q0BuNIiw39sLX7sfGaz_4awJxJ8TYrRp9xeGHMrpMu8erf8tbw3un9asd0a00CXwYOBsTdqoRrzrWzdiQcQccYypwZ3FrljuR6GrRzUaPkqzcVZIpyvnqXd_-wDmhvIkZ7OxdZKWbwSz7kCPinP_l3JgKTz97j1e5XT8NMNM93eIsLDRKBOMAbU5XL7H_tqbIANk2RMWiBkkmGNPRFv0C3au9QUT4NU7WN-xI4z7h3HSqc_gKRqMWEnhjBTRUclyigz90kqi4qJVNRNjWlKnSO5AIs-OPYJDxDf0t6_e6atgv-Ku4yWcuh7ML8m9JWy4dO4Xd3HyPKfpc56gRxyxBhAcIM2Yw7gBAGABrqNrPqzkODjhAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3-dOdNMwX8h01b7bPnGkGW_1wVpQ%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWwACAisIg6PqAAGwDJKMB94oj9IFv0kjBA
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
4dbcac3719180e58d03faefee9f5e747005786b6f1753aff38521c9752327a9d

Request headers

Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 07 Nov 2023 19:05:00 GMT
server
nginx
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD56 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135564
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 07 Nov 2023 19:05:00 GMT
expires
Thu, 09 Nov 2023 08:44:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
rtimp
g.rtbrain.app/ Frame D305 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=8b8a6d29-7da0-11ee-a185-c239fb7755d1&d=pt.ldplayer.net&cr=carmax1__3&gid=&a=imload&p=ZUqKWgAFTCoITwZyAASlf9Q7juaASpQE-hk7pw&r=532181648&ow=1600&oh=1200&tzof=600&tz=Pacific/Honolulu&pxr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231102/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
setuid
u.4dex.io/ Frame CC63 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=3881927734840604943&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame CC63
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=246106710764278111&gdpr=0&gdpr_consent=
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=246106710764278111&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=246106710764278111&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame CC63
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERI...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=05026310-4ddb-4e70-ba8c-de300203a5ce&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=05026310-4ddb-4e70-ba8c-de300203a5ce&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:01 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=05026310-4ddb-4e70-ba8c-de300203a5ce&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1034539
content-length
0
expires
Tue, 07 Nov 2023 00:00:00 GMT
p
a.audrte.com/ Frame CC63
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmMzYnJ0WUZSUC1TQWFNd01hbjhmMjZ6QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGZjM2JydFlGUlAtU0FhTXdN...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=246106710764278111&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MD...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=fc3brtYFRP-SAaMwMan8f26zA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=3881927734840604943&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
63.34.193.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-193-74.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 07 Nov 2023 19:05:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame CC63
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=01e63dec-3715-4222-968a-585ad2f1898b&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=01e63dec-3715-4222-968a-585ad2f1898b&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:01 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=01e63dec-3715-4222-968a-585ad2f1898b&gdpr=0
date
Tue, 07 Nov 2023 19:05:00 GMT
content-length
0
truncated
/ Frame 2C67 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54faa5ca5c23f80ca70688f1da0583e273af31ca4b68dff1dc596267d07fb293

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
montserrat-v25-latin-800.woff2
cdn.8proof.com/assets/fonts/ Frame D7E4 		0
0
montserrat-v25-latin-600.woff2
cdn.8proof.com/assets/fonts/ Frame D7E4 		0
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2C67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CWyFiW4pKZauECOrHjvQPjOCG-A36j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQngAgCoAwHIAwKqBNsCT9B68xkcOn9JFjhUQ0gp0lUFddAuyam2ntX0UO9K3ChAMdWMJboS0ujXvurd4SKRb5U4IDeOcYAGknsE5PAvMJTqnInmiAHU30M-IkK34LFgn_mfHO8l6q0BuNIiw39sLX7sfGaz_4awJxJ8TYrRp9xeGHMrpMu8erf8tbw3un9asd0a00CXwYOBsTdqoRrzrWzdiQcQccYypwZ3FrljuR6GrRzUaPkqzcVZIpyvnqXd_-wDmhvIkZ7OxdZKWbwSz7kCPinP_l3JgKTz97j1e5XT8NMNM93eIsLDRKBOMAbU5XL7H_tqbIANk2RMWiBkkmGNPRFv0C3au9QUT4NU7WN-xI4z7h3HSqc_gKRqMWEnhjBTRUclyigz90kqi4qJVNRNjWlKnSO5AIs-OPYJDxDf0t6_OaSMEAANDNkrxfWAw63lL-SS6wWxc8VyLhmNZh_dqDBqObrvJT7gBAGABrqNrPqzkODjhAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTM1OTM4NjE1ODM3MDczMzgYy9-NAQ&sigh=qeYIyuf1tOQ&uach_m=[UACH]&cid=CAQSPADICaaNFL57r-1of2z2o7k_tZa7692-XrMArMsJnnnNU2OSFpceIyxgC1Y95Nh5pQDEWETk-gPDi3qX5hgB&cbvp=2&vis=1
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
win
8proof.com/app/ Frame 2C67 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8proof.com/app/win?id=667055347494&ap=ZUqKWwACAisIg6PqAAGwDJKMB94oj9IFv0kjBA&t=b&cbvp=2
Requested by
Host: dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
URL: https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
96.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:00 GMT
content-length
0
server
nginx
setuid
prebid.adnxs.com/pbs/v1/
Redirect Chain
  • https://pixel.rubiconproject.com/sync.php?p=prebid
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
86 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
HTTP/1.1
Server
68.67.153.61 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:01 GMT
Server
nginx/1.21.3
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
node.php
node.setupad.com/node/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:01 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
X-Requested-With
activeview
pagead2.googlesyndication.com/pcs/ Frame 6BE5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbRjoAf6H2ctOpON-C23uY8JWQyPqGCwclHCL84fNAesOeBPGXAvDWv53NBxagOty-X3dnvKtrYDgqI1XJunCV2H29hA4J6kYgUzo54KJWUL_3NItGHw&sig=Cg0ArKJSzOlE8zW8dwiwEAE&id=lidar2&mcvt=1000&p=0,0,280,810&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1152246836&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699383898159&rpt=1420&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 422E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueVR-7oZ4Pl_v6AU1bcd-JD-33_o_emIfO2H8FAD-ZlFT-LGTzK8GPCfPkItOsX2mGvAwW6f0X_-JN1IZMt6bs0pO8E2dmFh2gVWsWZbaYKkaerCaPVw&sig=Cg0ArKJSzCH-xmd8RP-UEAE&id=lidar2&mcvt=1001&p=0,0,280,346&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=197933115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699383898182&rpt=1424&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 413E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVcRVCjPjMK-ePJ3hqmHj5U97ueqo5IJ6lEYGx-7ZerSB1tELi4iuLVgdNxcUHKmagrVCUON1t3Da6Kfuyv9IY9KsgYP-MUDyCYIVynlbBqwO8Egc4kw&sig=Cg0ArKJSzBuB08SoVpGpEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&vu=1&app=0&itpl=20&adk=382898203&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699383898100&rpt=1533&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 6A2B 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame D494
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
97805c721b1c9b241663729fd6437d42672ec0cb79ccfd4b804ebbeffbd5eb16

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
Tue, 07 Nov 2023 19:05:02 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1221

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 07 Nov 2023 19:05:01 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1221
activeview
pagead2.googlesyndication.com/pcs/ Frame 2C67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLxypqD-jMrnZw-QTNwrYtBcSjUeSVaqqa3qqhlFOsI1vb7d0YhR5NwDxX_Y3SUhaaiFjnM3zzLcRxEdFuKPRwaLbfzNizyqQ2XUPN&sig=Cg0ArKJSzFHwlIQB72dBEAE&id=lidar2&mcvt=1000&p=4101,0,4201,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1383632267&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699383899733&rpt=609&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A239 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
setupad-d.openx.net/w/1.0/ Frame 4426 		670 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
844fb024346d9969a4d4ade46298ee706c8c86348ebbdc29e42fc617b232bdc5

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
420
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame B7D9 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Nov 2023 19:05:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7003 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135562
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
Thu, 09 Nov 2023 08:44:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 9FE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/5893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://pt.ldplayer.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 07 Nov 2023 19:05:01 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3De6152164cc48dbeb
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3Deeb97a49-6a...
  • https://u-iad04.e-planning.net/um?uid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&dc=0abbcb4eba840e59&fi=e6152164cc48dbeb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&dc=0abbcb4eba840e59&fi=e6152164cc48dbeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:03 GMT
content-type
image/gif

Redirect headers

date
Tue, 07 Nov 2023 19:05:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://u-iad04.e-planning.net/um?uid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&dc=0abbcb4eba840e59&fi=e6152164cc48dbeb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3De6152164cc48dbeb
  • https://u-iad04.e-planning.net/um?uid=7MoAH4HihgZs&dc=66b7ef4184d94c10&fi=e6152164cc48dbeb&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=7MoAH4HihgZs&dc=66b7ef4184d94c10&fi=e6152164cc48dbeb&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=7MoAH4HihgZs&dc=66b7ef4184d94c10&fi=e6152164cc48dbeb&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-rjr6m
expires
-1
pbs.gif
sync.admanmedia.com/ Frame D494 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3De6152164cc48dbeb%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 07 Nov 2023 19:05:02 GMT
Server
nginx/1.18.0 (Ubuntu)
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame D494 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 05 Nov 2028 19:05:02 GMT
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De6152164cc48dbeb%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e6152164cc48dbeb&uid=8917367e-87a3-0384-04a1-2b2cff31bff1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e6152164cc48dbeb&uid=8917367e-87a3-0384-04a1-2b2cff31bff1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e6152164cc48dbeb&uid=8917367e-87a3-0384-04a1-2b2cff31bff1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame D494 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sun, 05 Nov 2028 19:05:02 GMT
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3De6152164cc48dbeb%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2bf5355b4fb8145d&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=e6152164cc48dbeb&uid=AAAFnoULCq24KANFEAFUAAAAAAA&expiration=1699470302
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=e6152164cc48dbeb&uid=AAAFnoULCq24KANFEAFUAAAAAAA&expiration=1699470302
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=e6152164cc48dbeb&uid=AAAFnoULCq24KANFEAFUAAAAAAA&expiration=1699470302
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame D494 		0
0
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De6152164cc48dbeb%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=e6152164cc48dbeb&uid=8535176339462545458
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=e6152164cc48dbeb&uid=8535176339462545458
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
an-x-request-uuid
2eb7733d-bd39-4d41-8308-9b3c59eaed15
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=e6152164cc48dbeb&uid=8535176339462545458
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3De6152164cc48dbeb%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=e6152164cc48dbeb&uid=09d951eb-14e5-4040-b7bf-fef7ebc8a175
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=e6152164cc48dbeb&uid=09d951eb-14e5-4040-b7bf-fef7ebc8a175
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-29
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=e6152164cc48dbeb&uid=09d951eb-14e5-4040-b7bf-fef7ebc8a175
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3De6152164cc48dbeb%26uid%3D%24UID&partner=eplanning
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS01YzYzOGNiZi1kO...
  • https://ssp.disqus.com/match?bidder=30&buyeruid=327e263b1a8fc3b7d7e9bc854506dffd130a44f85d4a671dc4e2c31335c1b053&r=Cid1YS01YzYzOGNiZi1kOGNiLTMxOWEtOWI3Yy04YmZhZWMwOTE5Y2IQ____________ASp1aHR0cHM6Ly...
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
  • https://ssp.disqus.com/match?bidder=31&buyeruid=ee1a5f8a-b8b2-4d5b-8213-560448da5011&r=Cid1YS01YzYzOGNiZi1kOGNiLTMxOWEtOWI3Yy04YmZhZWMwOTE5Y2IQ____________ASp1aHR0cHM6Ly91LWlhZDA0LmUtcGxhbm5pbmcubm...
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=e6152164cc48dbeb&uid=ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=e6152164cc48dbeb&uid=ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:03 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=e6152164cc48dbeb&uid=ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame D494
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=01e63dec-3715-4222-968a-585ad2f1898b&dc=769fefa8321c94fb&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=01e63dec-3715-4222-968a-585ad2f1898b&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=01e63dec-3715-4222-968a-585ad2f1898b&dc=769fefa8321c94fb&iss=1
date
Tue, 07 Nov 2023 19:05:02 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://cs.krushmedia.com/ec2cf90fdaaf74e7d94341d9392b3202.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Df343cd610dc2b771%26fi%3De6152164cc48dbeb%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=e6152164cc48dbeb&uid=23525b4e-c7f6-4fa9-beef-73312e8376ce
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=e6152164cc48dbeb&uid=23525b4e-c7f6-4fa9-beef-73312e8376ce
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:05 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:05 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=e6152164cc48dbeb&uid=23525b4e-c7f6-4fa9-beef-73312e8376ce
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=e6152164cc48dbeb
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=e6152164cc48dbeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=e6152164cc48dbeb
date
Tue, 07 Nov 2023 19:05:02 GMT
server
fasthttp
content-length
0
um
u-iad04.e-planning.net/ Frame D494
Redirect Chain
  • https://sync.colossusssp.com/25846d60f03337a85b16b62fb624c502.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BUID%5D%26dc%3Dd015773253e1640b%26fi%3De6152164cc48dbeb
  • https://u-iad04.e-planning.net/um?uid=3d96c5ae-073d-481d-a742-c3fa3cd62515&dc=d015773253e1640b&fi=e6152164cc48dbeb
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=3d96c5ae-073d-481d-a742-c3fa3cd62515&dc=d015773253e1640b&fi=e6152164cc48dbeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:03 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?uid=3d96c5ae-073d-481d-a742-c3fa3cd62515&dc=d015773253e1640b&fi=e6152164cc48dbeb
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
usync.html
eus.rubiconproject.com/ Frame 7B49
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Nov 2023 19:05:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Nov 2023 19:05:02 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C2A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De6152164cc48dbeb%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135562
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
Thu, 09 Nov 2023 08:44:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 075B
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
2 KB
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde723d8755e20fb26aa9d307783be6dfc2608d4b6731a278133c98507b11e45

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8227d8703ec631f0-MIA
content-encoding
br
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vNeki933lJX3gePjibJ5F%2BhGHTgayAyFGy%2Flb9r02RgvTIeGs1x3rVtrATdEe%2Fy1D3u9CWyiyOWtQeZIiuda%2F9UChP5ujFeHwSJosIl5DqDA2x83JOndYdRnlL7axYfWvZWM0TH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8227d86f2c9631f0-MIA
content-length
0
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxA43g55Wtzn5zFnfbYXlT0YK4GaediQbfz3cVsTp31zIJ9i3rKczj3BbSSJo9e8%2BQEF916ACyobwi2rcDQDseAR70S3poxdUWNs2Xv6P7ZW3JfxPDTY7UdQn6Y3o%2B1Pj8ONhXMJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame A6FC 		1 KB
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Carrollton, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 04 Jul 2028 12:18:41 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
2cd2217623d7ca502541063e15139dc3
x-cf-tsc
1688645922
x-cf1
29080:fC.mia1:co:1585621119:cacheN.mia1-v:H
x-cf2
H
x-cf3
M
x-cff
B
usync.js
eus.rubiconproject.com/ Frame B7D9 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cf9a84e1558e2922805e36adeaa3b33ea3ea0e83aa1c06c973cb3736cc926fe5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 10:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56021
Connection
keep-alive
Content-Length
13281
Expires
Wed, 08 Nov 2023 10:38:43 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7003 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85959162&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
26891ac7786fedeefab0d7b5bb65f0b9699eeb33c0e77d9ebbfc4f134c5bb516

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 07 Nov 2023 19:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 4426
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:01 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4426 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=b6b7ca4d-653b-0dea-25cc-73ef4de6bc70
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 4426 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=9e0d3a38-e656-0a24-3c0a-2a33e9c98915
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 4426
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=e50fc6d7-f37b-060d-3054-6bca47f11ca4
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZTUwZmM2ZDctZjM3Yi0wNjBkLTMwNTQtNmJjYTQ3ZjExY2E0EAAaDQjelKqqBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGGDLq5OrQvQc_n0YK728TU&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGGDLq5OrQvQc_n0YK728TU&google_cver=1
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGGDLq5OrQvQc_n0YK728TU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4426
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8535176339462545458
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8535176339462545458
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
an-x-request-uuid
f6524c01-ab6f-4b46-b356-5dc24bc7cada
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8535176339462545458
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4426
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: setupad-d.openx.net
URL: https://setupad-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://setupad-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3053997380392811454&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FFE4
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=849493170895
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=849493170895
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 11:04:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=849493170895
cm
ipac.ctnsnet.com/int/ Frame 6A8B 		43 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame B459
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:05:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 07 Nov 2023 19:05:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 58C3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=NjMTF2HkCMuEVA_fX4pKZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=NjMTF2HkCMuEVA_fX4pKZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:05:03 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=NjMTF2HkCMuEVA_fX4pKZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 78D1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81a6654a-8a5e-4d00-af2b-340b7a0224a0&gdpr=0&gdpr_consent=
42 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81a6654a-8a5e-4d00-af2b-340b7a0224a0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 11:04:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:02 GMT
Expires
Tue, 07 Nov 2023 19:05:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master ord ord-pixel-x33 config_version:"455"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81a6654a-8a5e-4d00-af2b-340b7a0224a0&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame FF96
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1699383902750
  • https://ad.turn.com/r/cs?pid=45&rndcb=7297234038
  • https://sync.1rx.io/usersync/turn/3053997380392811454?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-add83cde-e0e9-4729-ab81-c991e1728845-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-add83cde-e0e9-4729-ab81-c991e1728845-005
42 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-add83cde-e0e9-4729-ab81-c991e1728845-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 07 Nov 2023 19:05:03 GMT
ETag
RXadd83cdee0e94729ab81c991e1728845005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-add83cde-e0e9-4729-ab81-c991e1728845-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
pub
matching.truffle.bid/sync/ Frame EAB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 07 Nov 2023 19:05:03 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 7E3D 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:03 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-848cccea28bf@version_1.575
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame BD11
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7526703031263288345&uid=Q752670303126328...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7526703031263288345
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7526703031263288345
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 19:05:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=79941
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Tue, 07 Nov 2023 19:05:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7526703031263288345
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 8ABB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 07 Nov 2023 19:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
Mon, 06 Nov 2023 19:05:02 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C270251CC8294682A6CC0DCFCDE43EC7&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
insync
thrtle.com/ Frame 7003
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ebd058-dc15-4a85-96a8-3b2ff0558d22
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ebd058-dc15-4a85-96a8-3b2ff0558d22
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Server
44.218.53.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-53-191.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 07 Nov 2023 19:05:02 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c9ebd058-dc15-4a85-96a8-3b2ff0558d22
date
Tue, 07 Nov 2023 19:05:02 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 7003 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 7003 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.91.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-91-23.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 7003 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.82.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-82-255.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 07 Nov 2023 19:05:01 GMT
apn
ads.playground.xyz/usersync/ Frame 7003 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame 7003
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b43379e2-5a17-4dd3-a52b-ea400da091a2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b43379e2-5a17-4dd3-a52b-ea400da091a2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 07 Nov 2023 11:02:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b43379e2-5a17-4dd3-a52b-ea400da091a2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 07 Nov 2023 19:05:03 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame A239 		692 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65596081&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d94c224d64c17921e1722468ac6b69b7a8306d8be9bf5b3f28e3743c069fb7e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 07 Nov 2023 19:05:01 GMT
content-length
692
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 7B49 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cf9a84e1558e2922805e36adeaa3b33ea3ea0e83aa1c06c973cb3736cc926fe5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 10:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56021
Connection
keep-alive
Content-Length
13281
Expires
Wed, 08 Nov 2023 10:38:43 GMT
setuid
u.4dex.io/ Frame 3A19 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 07 Nov 2023 19:05:02 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame A239 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.59.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-59-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:03 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
7b4f58ae-62c1-4f7f-9e4e-949342aed6e1
Connection
keep-alive
Content-Length
0
x-application-context
application:production
712188.gif
idsync.rlcdn.com/ Frame A239 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/712188.gif?partner_uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A/gdpr=0/ Frame A239 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.174.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-174-153.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.3.171
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame A239 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
um
u-iad04.e-planning.net/ Frame 61AE 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=e6152164cc48dbeb&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Tue, 07 Nov 2023 19:05:02 GMT
server
openresty
loader
api.retargetly.com/ Frame D494 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/loader?id=1473
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d03db41bcb427987125a483a1623120a2fe804cb240d34d65456fdfcfb778f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
cf-ray
8227d8708e0d0a06-MIA
expires
Tue Nov 14 2023 19:05:02 GMT+0000 (Coordinated Universal Time)
/
onetag-sys.com/usync/ Frame 76CB 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame D494 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-59.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:18:34 GMT
content-encoding
gzip
via
1.1 c1d6a7a9856899a6462bae2246daa42e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:32:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
31590
x-amz-server-side-encryption
AES256
etag
W/"54c61a0ae34474e317dc273453fb9ccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
mEBr-cjVEl_HBSFwllJ4kl6Pv-ykC_RKcQepbe8U1_ARtDAhy76fXQ==
15581
rtb.gumgum.com/usync/ Frame C360 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.170.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-170-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9065f6dc10de73004d61ec8d9587db4d3e73450a1e682f2b39f231af25f8613f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 07 Nov 2023 19:05:03 GMT
etag
W/"0ceae92bca8bd6fbbae9183aa543a5b40"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 3893 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 07 Nov 2023 19:05:02 GMT
user-sync
sync.adkernel.com/ Frame 13F0 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=202990&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3Deba3ecb667ab30ab%26fi%3De6152164cc48dbeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 07 Nov 2023 19:05:03 GMT
Pragma
no-cache
Server
nginx
setuid
prebid-stag.setupad.net/ Frame 7FD4 		0
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=APwi04KbDKg7aG4d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8227d86ffb235c6d-MIA
content-encoding
br
content-type
text/html
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9XbexpOSVO2Eb4Db3wY3u259tkzmryGlfIN1q1YBHcwbDlg5BsbegUgmxt%2BRrvluE77oeM068nzxovJL1nzly43EGwZYJogbhrRQ%2BNB79eAz1k9a6tZUqlSM3c9DljRR5JvUdDojDpy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
khaos.json
token.rubiconproject.com/ Frame 7B49 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOOPANM3-1W-DN8V
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
um
sync.e-planning.net/ Frame 7B49
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LOOPANM3-1W-DN8V
  • https://sync.e-planning.net/um?uid=LOOPANM3-1W-DN8V&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=LOOPANM3-1W-DN8V&dc=9bcc91305985f0db&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:03 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=LOOPANM3-1W-DN8V&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
t2.min.js
pdp-cdn.retargetly.com/ Frame D494 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdp-cdn.retargetly.com/t2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1792039052bda65ba1ae363d8a3aa63d7e25c36c066b628748491e15cd8439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
x-amz-version-id
C27psFcuk.RxsTe_eh8AEu0qT4dL4uo9
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 eca8616127916fa339e7718294322b64.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MIA3-C4
age
6845
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-cache-status
HIT
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 31 Oct 2023 19:17:17 GMT
server
cloudflare
etag
W/"e074886c59c7ad26b684468cc8319e0a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cf-ray
8227d8714f0c0a06-MIA
x-amz-cf-id
oRWS8QMJSJIVGOH9lv9vVbnH3cJJRHYUUz3zsX537eJjEdOaO8Ye0A==
api
api.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupa...
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupa...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be52ff5d5406d354e00a70abbb9b8c87d0660e071aac6b604d8d7d4f703e799c

Request headers

Referer
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8227d873db920a06-MIA
content-encoding
gzip
content-type
text/html
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8227d8732a570a06-MIA
content-type
application/javascript
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
0
location
/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare
usermatchredir
ssum-sec.casalemedia.com/ Frame 075B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUqKXnUCjW_io7mK5mrXYgAAEZQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBPuYaZg_Qg6VHXVd7Tgvpc&google_cver=1
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBPuYaZg_Qg6VHXVd7Tgvpc&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1ld29GGYIou48%2FKWkePomm%2Bdw2CEhp8o4WCGPskypxDbetBRFYOV9JEIUxQHKrUIs0AgcFjfdx9x9CFa6eUCbSxBGuCBERRLvjyABQS3f05sDmLp3F8O3cKQ%2Bh62g4X%2FcAFOgJ4AWhbmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8227d8740ec331f0-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBPuYaZg_Qg6VHXVd7Tgvpc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 075B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUqKXnUCjW-io7mK5mrXYgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEWGqCyT5o235UBGY9Xk6NI&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEWGqCyT5o235UBGY9Xk6NI&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5o4%2F56cZ8ZL%2FsEwYZRCkKL9a8M%2Bu%2Fz05eyd0knx6g1rqTqnSHKwnDxcfd9o7EY6Lk2uZNlFq9Bv2FlqQEhgm8fijm5hqQfzm5N0wrnirwmq5ReIpZVbuS8eHcOg4UApGdcklniRK%2BF312w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8227d8752e7f9aeb-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEWGqCyT5o235UBGY9Xk6NI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 075B
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUqKXnUCjW-io7mK5mrXYgAA%264500&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUqKXnUCjW-io7mK5mrXYgAA%264500&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8c17a9933fca4e53b88588d2a0c5cd63
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eT2IVkxOIjvDxuGHY9Qs_uFepepKi7BtfJ2vng
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eT2IVkxOIjvDxuGHY9Qs_uFepepKi7BtfJ2vng
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eT2IVkxOIjvDxuGHY9Qs_uFepepKi7BtfJ2vng
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:c919:35a9:9cba:2762 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:04 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-eT2IVkxOIjvDxuGHY9Qs_uFepepKi7BtfJ2vng
Date
Tue, 07 Nov 2023 19:05:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
dcm
s.amazon-adsystem.com/ Frame 075B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUqKXnUCjW_io7mK5mrXYgAAEZQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EECA43DJBKZF0Z2F629M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 075B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8535176339462545458
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8535176339462545458
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iD%2FeMxJSJDOpKOzdVQ3LsIEOy%2BggY7RRs2HTL3xkjoLjgiKTGWUbxDlJdIRZlCl6lNs%2BJRlCWFNGkOKQJIX8efpo9KK%2FOIn0KTaIhFkjhkOZLhMaUmEV3Pyh7IQI3rJXQL9RPwRc"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8227d873fea031f0-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
an-x-request-uuid
fcce3cc4-3ca2-48e0-a078-17ef35da8a9f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8535176339462545458
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame 075B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziZCBUmBHfDMz1trknWzBq3itWd7mGgXqHKKHcbOLDKDs6xBeTP9iBnrNP793I5BwhI4hpyubNzLyl2z7WOrnjR9gQPviMgswj1ShWa9Nqidq7NY8ocHMfEEmQcox4UBBYAu"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8227d873ee6a31f0-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 075B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=246106710764278111&expiration=1700593503
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=246106710764278111&expiration=1700593503
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYtNjfGvuoO5h5f35NeQ7CofWan4ZPJioU9LI%2FupIHmmYYiuV2MtpLRN40Jtepr7AfueodION8CO8lV7tE1BDDKmyGoi7wnXOxmZ14ZIIJQT1wyRRGDoJ4pKHz3J1DGr1NQG7J9E9aKGrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8227d873ee6431f0-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=246106710764278111&expiration=1700593503
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
x.bidswitch.net/ Frame 075B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
um
u-iad04.e-planning.net/ Frame 075B 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=e6152164cc48dbeb&uid=ZUqKXnUCjW-io7mK5mrXYgAA%264500
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De6152164cc48dbeb%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:03 GMT
content-type
image/gif
event_collector
pdp-service.retargetly.com/ Frame D494 		102 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pdp-service.retargetly.com/event_collector
Requested by
Host: pdp-cdn.retargetly.com
URL: https://pdp-cdn.retargetly.com/t2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.124.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-124-92.compute-1.amazonaws.com
Software
/
Resource Hash
3c6d2a38d3112e13184f64d15d7462b8a0d123a024895331941fa29078eabefa

Request headers

Referer
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Nov 2023 19:05:03 GMT
request_id
8ea1f6f6-7da0-11ee-af92-328e2bb3df6e
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
102
event_collector
pdp-service.retargetly.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pdp-service.retargetly.com/event_collector
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.124.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-124-92.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ads.us.e-planning.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
content-length
0
date
Tue, 07 Nov 2023 19:05:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8535176339462545458
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8535176339462545458
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
an-x-request-uuid
dccd0fca-2290-48a4-9dd2-e9043e6a263d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=8535176339462545458
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame C360
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_a29955c0-ee31-4676-83a2-f3feedded0c9&gdpr=&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=a2f84e17-eabd-4b63-ae9f-0af633f7c096&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=qNuR6_R7GaLfb1TDGCI-0
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=qNuR6_R7GaLfb1TDGCI-0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:02 GMT
Server
Microsoft-IIS/10.0
Content-Type
text/html; charset=utf-8
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Location
https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=qNuR6_R7GaLfb1TDGCI-0
Cache-Control
private,no-store, no-cache, must-revalidate
Content-Length
206
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=47f41dc1-1629-083b-0856-fbd4b63a7c3a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=47f41dc1-1629-083b-0856-fbd4b63a7c3a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 07 Nov 2023 19:05:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=47f41dc1-1629-083b-0856-fbd4b63a7c3a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-35d1521b-f6b0-5fb7-7d95-65b5470920a1$ip$38.132.118.67
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-35d1521b-f6b0-5fb7-7d95-65b5470920a1$ip$38.132.118.67
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-35d1521b-f6b0-5fb7-7d95-65b5470920a1$ip$38.132.118.67
Date
Tue, 07 Nov 2023 19:05:03 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-odZY8itE2pc6weLBdYeBQ2xlGF.SfF5hYrPy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-odZY8itE2pc6weLBdYeBQ2xlGF.SfF5hYrPy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 07 Nov 2023 19:05:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-odZY8itE2pc6weLBdYeBQ2xlGF.SfF5hYrPy~A
content-length
0
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5b0b922c-4fcd-406b-ad52-cec24283a804
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5b0b922c-4fcd-406b-ad52-cec24283a804
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5b0b922c-4fcd-406b-ad52-cec24283a804
Date
Tue, 07 Nov 2023 19:05:03 GMT
Connection
keep-alive
X-CI-RTID
226c855d-5738-4e27-809e-9ea4ac6883cd
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame C360 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:02 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_a29955c0-ee31-4676-83a2-f3feedded0c9&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=7MoAH4HihgZs&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=7MoAH4HihgZs&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=7MoAH4HihgZs&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-59d47cf7f8-rjr6m
expires
-1
usersync
usersync.gumgum.com/ Frame C360
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3881927734840604943
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3881927734840604943
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3881927734840604943
date
Tue, 07 Nov 2023 19:05:02 GMT
content-length
0
um
sync.e-planning.net/ Frame C360 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=e6152164cc48dbeb&uid=u_a29955c0-ee31-4676-83a2-f3feedded0c9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

server
openresty
date
Tue, 07 Nov 2023 19:05:03 GMT
content-type
image/gif
usersync
rtb.gumgum.com/ Frame 4FA5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=246106710764278111&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=246106710764278111&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.170.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-170-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=246106710764278111&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame B96A 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9hMjk5NTVjMC1lZTMxLTQ2NzYtODNhMi1mM2ZlZWRkZWQwYzk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 10CC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.113.15 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-113-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135561
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
Thu, 09 Nov 2023 08:44:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C248 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 07 Nov 2023 19:05:03 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 935F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUqKX8Co8YIAAGWMRmEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZUqKX8Co8YIAAGWMRmEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:03 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Nov 2023 19:05:03 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZUqKX8Co8YIAAGWMRmEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40394.dc2p.scaleout.jp
X-SO-IP
38.132.118.67
X-SO-Key
ZUqKX8Co8YIAAGWMRmEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZUqKX8Co8YIAAGWMRmEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40394"}
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40394
usersync
usersync.gumgum.com/ Frame 30FC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=evf0fyk3ylCPC5BhJDcI&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=evf0fyk3ylCPC5BhJDcI&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:03 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 07 Nov 2023 19:05:03 GMT Tue, 07 Nov 2023 19:05:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=evf0fyk3ylCPC5BhJDcI&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 41C1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Nov 2023 19:05:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 07 Nov 2023 19:05:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
setuid
prebid-stag.setupad.net/ Frame 56C0 		0
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8227d8750da15c6d-MIA
content-encoding
br
content-type
text/html
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9vMXlvg7N8CSTmyr1xX1rdJpcWuSalcQINJwOOmZdxY0b3%2FY8HMsiMgIgnovycCCKNx9Izn%2FzHkas8vWbuqX6MtTdIh7nm4YBz01W8KwTXKuJi9nFZy06Zk61ajjEDqBtceNTwkj7nN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
usersync
usersync.gumgum.com/ Frame 92B9 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:03 GMT
Expires
0
Pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame 4D9D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712808&adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70&cdsp=712808&sct=1
  • https://app.retargetly.com/sync?sid=na739m9Zsg5b&pid=70
68 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=na739m9Zsg5b&pid=70
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d87779d30a06-MIA
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://app.retargetly.com/sync?sid=na739m9Zsg5b&pid=70
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8227d877098d5c65-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
  • https://retargetly-match.dotomi.com/match/bounce/current?DotomiTest=343c5d5df3f3129e&is_secure=true&networkId=95012&version=1&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
  • https://app.retargetly.com/sync?pid=72&sid=AAAF4gVxR9kp1ANwUQctAAAAAAA&expiration=1699470303&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&is_secure=true
68 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=72&sid=AAAF4gVxR9kp1ANwUQctAAAAAAA&expiration=1699470303&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&is_secure=true
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d8761f760a06-MIA
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://app.retargetly.com/sync?pid=72&sid=AAAF4gVxR9kp1ANwUQctAAAAAAA&expiration=1699470303&nuid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://tags.bluekai.com/site/28347?limit=0&id=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
68 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d87789ed0a06-MIA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
date
Tue, 07 Nov 2023 19:05:03 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
generic
match.adsrvr.org/track/cmf/ Frame 4D9D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&_rand=1699383903369
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:03 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

date
Tue, 07 Nov 2023 19:05:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=31eee410-3768-439a-8f75-e2964218e7ff%252C%252C&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=MjBmYTZlNTctYjkzYy00YzVlLWI5MDAtMjk1YmY4ZThkNGZh&google_cm
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEGbETM8XvlOn7uOVtiHKlX4&google_cver=1
68 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=11&google_gid=CAESEGbETM8XvlOn7uOVtiHKlX4&google_cver=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d875ceba0a06-MIA
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://app.retargetly.com/sync?pid=11&google_gid=CAESEGbETM8XvlOn7uOVtiHKlX4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
  • https://app.retargetly.com/sync?sid=8535176339462545458&pid=2
68 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=8535176339462545458&pid=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d875ceb20a06-MIA
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
an-x-request-uuid
643ea138-1929-470f-93e3-b3b7cd0b5047
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://app.retargetly.com/sync?sid=8535176339462545458&pid=2
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY
  • https://app.retargetly.com/sync?pid=22&sid=y-W0HDl5NE2oIx0Y97xHmav5x8xTeQVidMsro-~A
68 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=22&sid=y-W0HDl5NE2oIx0Y97xHmav5x8xTeQVidMsro-~A
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d8760f350a06-MIA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=22&sid=y-W0HDl5NE2oIx0Y97xHmav5x8xTeQVidMsro-~A
date
Tue, 07 Nov 2023 19:05:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
  • https://app.retargetly.com/sync?sid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&pid=23
68 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&pid=23
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d875ceaf0a06-MIA
expires
0

Redirect headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:02 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://app.retargetly.com/sync?sid=eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&pid=23
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
app.retargetly.com/ Frame 4D9D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
  • https://app.retargetly.com/sync?pid=14&sid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
68 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=14&sid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
8227d875ceb40a06-MIA
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=14&sid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
date
Tue, 07 Nov 2023 19:05:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
tpid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame 4D9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.174.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-174-153.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
sync
sync.teads.tv/rt/ Frame 4D9D 		2 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/rt/sync?vid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&gdpr=0&us_privacy=%221-N-%22
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.241.151 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-241-151.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Tue, 07 Nov 2023 19:05:03 GMT
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
2
content-type
text/plain; charset=UTF-8
getuid
sync.smartadserver.com/ Frame 4D9D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
HTTP/1.1
Server
23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:03 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
pragma
no-cache
date
Tue, 07 Nov 2023 19:05:03 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tum
ums.acuityplatform.com/ Frame 4D9D 		0
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ums.acuityplatform.com/tum?umid=76&uid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fpt.ldplayer.net%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa&fullVersionList=&platform=&_rlid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.90.254.78 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Acuity-UserID
X-Acuity-UserID
849493170895
setuid
prebid-stag.setupad.net/ Frame C76E 		0
831 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.68.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8227d8755e315c6d-MIA
content-encoding
br
content-type
text/html
date
Tue, 07 Nov 2023 19:05:03 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnwDT8UAjpgBLTku0gM642qF1e6ixRf93NWSmoPcCkX4DAr0TmWgUCrbetU96Dso3yg51jmdxdF1aGFj%2FstF2psuz6ReOmKaX1TH2Ae6MDVnRQwmDh34ADxlfUSU2SzlJ%2Bgnus5hSeZ1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
usync.js
eus.rubiconproject.com/ Frame 41C1 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-170-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cf9a84e1558e2922805e36adeaa3b33ea3ea0e83aa1c06c973cb3736cc926fe5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Tue, 07 Nov 2023 19:05:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2023 10:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56020
Connection
keep-alive
Content-Length
13281
Expires
Wed, 08 Nov 2023 10:38:43 GMT
usersync
usersync.gumgum.com/ Frame 9334 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 07 Nov 2023 19:05:03 GMT
Expires
0
Pragma
no-cache
khaos.json
token.rubiconproject.com/ Frame 41C1 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOOPANM3-1W-DN8V
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
usersync
usersync.gumgum.com/ Frame 41C1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOOPANM3-1W-DN8V
  • https://usersync.gumgum.com/usersync?b=mag&i=LOOPANM3-1W-DN8V
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOOPANM3-1W-DN8V
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 07 Nov 2023 19:05:03 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOOPANM3-1W-DN8V
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6PJR84EZXV&gtm=45je3b60v9102627819z8890351567&_p=1699383897594&gcd=11l1l1l1l1&cid=206618511.1699383898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699383898&sct=1&seg=0&dl=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&dt=Baixar%20Financiamento%20Lojista%20para%20PC%20-%20LDPlayer&_s=2&tfd=8674
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6PJR84EZXV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pt.ldplayer.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 07 Nov 2023 19:05:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pt.ldplayer.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7003 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156191&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame A239 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 19:05:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
video-icon-1.89128a9.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-1.89128a9.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
00c81b263d0ff57fd30eab231ae9bd150335a862be26fcff9079de077d603487

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 10:20:55 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
6542260B2E6FA43132ACDBB6
content-md5
3uaXEaSP/AdUeguCOIznVw==
age
31450
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1145
x-oss-object-type
Normal
last-modified
Tue, 31 Oct 2023 06:41:19 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"DEE69711A48FFC07547A0B82388CE757"
vary
Accept-Encoding
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11000758378892894387
x-amz-cf-id
_0Ig28-SctxiWazxeCgIYWYAljQy6LHnYi8FlFbzRz6-ijm9a2-szQ==
x-oss-server-time
4
video-icon-2-on.d2e20a3.png
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-2-on.d2e20a3.png
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.208.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-208-112.iad79.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
7f622f88919863e27acd80d58b054b1afa1446602775d9fbd13a7143f674012d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pt.ldplayer.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 09:31:48 GMT
via
1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
x-oss-request-id
654A04044FF14A31334F58E4
content-md5
5IFDRo+DQH4PkOlX0jZX7g==
age
34397
x-amz-cf-pop
IAD79-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1307
x-oss-object-type
Normal
last-modified
Tue, 07 Nov 2023 06:41:39 GMT
server
AliyunOSS
x-oss-server-side-encryption
AES256
etag
"E48143468F83407E0F90E957D23657EE"
content-type
image/png
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
15489892623468860763
x-amz-cf-id
h7Nnk8XjhPUhIFprJGJEPU_DaCAeAqkm2l_OD8pbZ8WvphWZfjZc1w==
x-oss-server-time
27
xPxRSA-1588068826696.mp4
encdn.ldmnq.com/gw/upload/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://encdn.ldmnq.com/gw/upload/xPxRSA-1588068826696.mp4
Requested by
Host: pt.ldplayer.net
URL: https://pt.ldplayer.net/games/financiamento-lojista-on-pc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:1a00:f:2cbf:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f2337d4e2f9bff9d017b56e351587eb551a7bedf5e155ca7d463d8b4ebdfa488

Request headers

Referer
https://pt.ldplayer.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 07 Nov 2023 07:14:58 GMT
via
1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront)
x-oss-request-id
65473F7581BDAB3238377300
content-md5
Pk5N4Bkhe29ErNZchp/Rnw==
x-amz-cf-pop
IAD55-P3
age
42607
x-cache
Hit from cloudfront
Content-Range
bytes 0-2125039/2125040
Content-Length
2125040
x-oss-object-type
Normal
last-modified
Tue, 28 Apr 2020 10:13:48 GMT
server
AliyunOSS
etag
"3E4E4DE019217B6F44ACD65C869FD19F"
vary
Accept-Encoding
content-type
video/mp4
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16182218286417003811
x-amz-cf-id
U_sq2yK2OQpA58sKIZ08xw2ytLms3yzTTiJo8QEALPhMasFH2Fl0Cg==
x-oss-server-time
6
um
u-iad04.e-planning.net/ Frame 02C1 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=e6152164cc48dbeb&uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De6152164cc48dbeb%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Tue, 07 Nov 2023 19:05:05 GMT
server
openresty
all
csm.us.criteo.net/ Frame C9A8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=AkTp1y8Gzj_cykx7JcVfB7oaDGO0MRtWq49bDUyD_PUxY2QnytvcRCxf4Se-THfJUeatadSNJDY9W1vDjFLNSfMsnBRKcdY8CGb2XdiFUNEP2JAche0zZh47kaSgZ83VEuYrrg3hd5JF5jsgSHNlzvDvY5sBcqwo1ac1UWYbBnjuz0SZcN6AOsR1ymN1Km6vV37oKypotLKE5kYrROZpGAymprmYTzVD09-2IVvcln5LRHR9OE4HtmS-yj7HcBBD-lJQFQ&sds=2&rev=89232&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZUqKWgAFSSkE0Y4BAA6TnfNIDgpntCcQyKG-hA&u=%7C0aEbb%2FHuK%2B4V4i83%2BtYII4IU5%2FFBeKlVC7DuuFFrxic%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78lUZyextpJXscfeAA722ytX6w1__3u2Aah-2iTTdgg3_4BcUKrNw1rHPznspvKwy3BYGNNHxiIDQcBtKufZ2T0c5IxcbycT05QvFfSvIEbT-c8ptOmHGpoQE-eJ0gFQRewvvB9D0pAgGi_9HikwXNatbWQjBD8WiegslkOhoMz-zLIrx-So2nP8MWwFfDppdBMJDgyw4m3v269jYpqkl1ZvO29WaTxwERVTmknQUZkmeOYhPapwM-ZFegyMLrVd6n6dcmSKWQ4KRcElIS-RdBmmSd6DfuCEOygUAzgxgxLkbIYybkaPxnR-Bi1Lvibvx9lMU65PFkIRiJ6OZ5zI6_MxR5sqWbO2anZunYt49bObGzNQjKNOHjfdFzkCwZN4wkGYYE9viP09O_GBz2jjin5XnEPnzuBpJ0WzpFI1dNKW8W-YHRf5YpGjzlx0FNSmolr8W92ajSuYQfO2m2pac4EF6LV89w1hYywTuXRRTOwggEA4-c0X9wcSMFIcmyTQr0etqsKXaRdVrCEwMvCemgfhT4vYzkTiO-hLT5MKqT5l0uh2hTlkrqpPLi8-Qr9BpFR-sfaVJ8cz0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBnjXWopKZamSFYGcxtYPnae6oAGcge-wXKqbqap0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEowJP0EClfJNCLGS3vP0mFUaPfkncKmJ9kPAx3Fy7ky1VMkGOtOMlGIXTtvOX8eu9tbywPPcVZEnM-MLH11lKQ8xCGdx7aDEFJlYrHfNnIhc8Z6b4_4GJxOyNO18Rn5TR2oSQlnzJKm7rTLGDvR4yng0zUVfUXU3Inrr5lq_BGqbxwmbx1NSG05xhaowIyTxfe330RX2hj8VoHusWjw9XGHpr5H6Wgimxt1g8sAjhMtMsWACbpdk5R8_DDzdxLyoCQ_TyHO0q-rjBcak_PxKDyeb_p8Je4FyQtyXIsmVKpg9LcQFQtwtTwoJ9H8mETGgn4YHEwScYGvVCfurR-U1vSssunXRtF217E_vorM0XfaIvjELKpGRC5nkyS5Ve10EAx4bWdueABvKmqqrR4t28d6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2r8H79ix4bmcsMs-0nJlxAxk3AUw%26client%3Dca-pub-3593861583707338%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 Nov 2023 19:05:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.8proof.com
URL
https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2
Domain
cdn.8proof.com
URL
https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3De6152164cc48dbeb

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| googletag function| findCMP function| _defineProperty object| stpdChunk object| stpd object| _pbjsGlobals function| stpdPassback object| stpdSource object| ADAGIO string| clientContinent object| __stpdTags object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| __NUXT__ object| webpackJsonp object| aax function| stpdLog function| installComponents object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| Criteo object| nO53qy function| nO53qX object| xop object| grv7rs3v37k object| pnsch0p88ao object| dataLayer object| $nuxt object| _taboola object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| sas object| apntag object| _ADAGIO object| t75kOQ2 function| t75kOQ3 function| xblocker object| LStMLZ function| LStMLW object| xblacklist object| gapi object| ___jsl object| google_tag_manager function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| uetq object| dotq object| _hmt object| google_image_requests function| UET function| UET_init function| UET_push object| ueto_07d6dfbf0e object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| YAHOO object| google_llp object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 boolean| _bdhm_loaded_aa0a06ebcdfcfd94c5414b413ad87eb2 object| mini_tangram_log_diyl1x boolean| DFPMessageEnabled object| ONFOCUS boolean| _bdhm_loaded_4ad6f2b6e43a838f496dedc942199563 object| mini_tangram_log_7s1cgf

193 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARC4FgoJCP____8HEMIW
i6.liadm.com/s Name: _li_ss
Value: CgA
pt.ldplayer.net/ Name: stpdOrigin
Value: {"origin":"direct"}
pt.ldplayer.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.script.ac/ Name: __cf_bm
Value: kkgv1yAnLxsX6bvidSLq0.EpZ8QiRXmH5.nbhPgw3NM-1699383897-0-AUocvsU16HN67ZRdAxLgv+MPVjN6iTv4EQ+PwTtWS2+jK4S7PvOhc2G2DjjMkbUXmMErJbcgf9CqIodv6DRmq00=
.google.com/ Name: NID
Value: 511=BGQzgwb8bKOR4wF-927X0b2hvJJKOWTtyKJO3v_IuO2Na6t5F5NBjf-5l8LtzcDdS1cwg5tLcpNME3eWvHKpSUeYhh2rh4xfYr-_H4VKc7rgq2N68q653GgkqMkHvnRGdNUaFUE1O-INgY-qunM1U-6kFABdZ_qnmlwsMlBoEIo
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJvbmV0YWciOiIyMDIzLTExLTA3VDE5OjA0OjU3LjY2MTM1NjI5OVoiLCJwdWJtYXRpYyI6IjIwMjMtMTEtMDdUMTk6MDQ6NTcuNjYxMzQ3NzgxWiIsInJ1Ymljb24iOiIyMDIzLTExLTA3VDE5OjA0OjU3LjY2MTM0NjYzWiIsInNtYXJ0IjoiMjAyMy0xMS0wN1QxOTowNDo1Ny42NjEzNTU2NVoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiZTNiYTU4YmMtN2JhYy00ZjA5LWFhYjItN2Q2ZDQ2MjEwNWZlIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDZUMTk6MDQ6NTcuNjYwODAxMTQ2WiJ9fSwiYmRheSI6IjIwMjMtMTEtMDdUMTk6MDQ6NTcuNjYwNjg5ODkyWiJ9
.prebid.a-mo.net/ Name: __amc
Value: 1_1699383897_1699383897
.rubiconproject.com/ Name: khaos
Value: LOOPANM3-1W-DN8V
.ldplayer.net/ Name: _gcl_au
Value: 1.1.1602038071.1699383898
.ldplayer.net/ Name: cto_bundle
Value: mQYhqV9FelN2Z0xCcjF2dCUyRlpEVFloeTlWYnJRVFRrTnNFZ1MlMkJyazJsU0Y2YlM0cmFTM2NSeTk2ZGh4QTg5Q2lDaVBjZ1djRWpVa0RiN282aFlaNjNWNlhkYVNQT0ZTNmdIayUyRlh5UUJuemRoNklpSEFjSDRMeWEzYzlhRENqYlhSWEhTTw
.ldplayer.net/ Name: cto_bidid
Value: aT1O_V9QRlAwYlhVVUsxMXIwcmFJRndYODlkSDhmU0Zjall4ZkU3dXJQODhzenF6cnpFRzZPWDlkdzJVZFN0YzN5YU01TFhkaTA5OXpUSGVycnU2R0R6TlR4USUzRCUzRA
.ldplayer.net/ Name: _uetsid
Value: 8b88ab407da011ee8dae2f032854f86b
.ldplayer.net/ Name: _uetvid
Value: 8b8902107da011ee85dc9703c52f153c
.ldplayer.net/ Name: _gid
Value: GA1.2.1738420909.1699383899
.ldplayer.net/ Name: _gat_UA-116843255-5
Value: 1
.ldplayer.net/ Name: _gat_UA-116843255-26
Value: 1
.pt.ldplayer.net/ Name: G_ENABLED_IDPS
Value: google
.ldplayer.net/ Name: _ga
Value: GA1.1.206618511.1699383898
.bing.com/ Name: MUID
Value: 391152540FC661B5383F41960E5660C4
.bat.bing.com/ Name: MR
Value: 0
.openx.net/ Name: i
Value: 636586e8-97bb-0f9a-35fb-23d11a4d4e81|1699383898
.ldplayer.net/ Name: _fbp
Value: fb.1.1699383899134.2079519009
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUqKWwACDSK4-gBH
.ldplayer.net/ Name: __gads
Value: ID=12415e1fa2467d3d:T=1699383898:RT=1699383898:S=ALNI_MZqi8MQW1xzuswmb0b81UvzFgJj1w
.ldplayer.net/ Name: __gpi
Value: UID=00000da07b4c6a58:T=1699383898:RT=1699383898:S=ALNI_MZ6VEqQfNZQyC-VhMQxtLZgahf_TA
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 8EA4F77DFA85EC8F
.yahoo.com/ Name: A3
Value: d=AQABBFuKSmUCEAu60_vUUbBjgJmZ29TDjDcFEgEBAQHbS2VUZQAAAAAA_eMAAA&S=AQAAAqdlbyF_MAFIrFwvq9LNygk
.rtbrain.app/ Name: uid_cross
Value: 8c221182-7da0-11ee-9ad7-e6607c3d3f48
.pt.ldplayer.net/ Name: Hm_lvt_aa0a06ebcdfcfd94c5414b413ad87eb2
Value: 1699383900
.pt.ldplayer.net/ Name: Hm_lpvt_aa0a06ebcdfcfd94c5414b413ad87eb2
Value: 1699383900
.doubleclick.net/ Name: IDE
Value: AHWqTUnXmEaH9Ams99n2pRFa0X38Dx2s5oEjBTRcUsjLY-u7mkiHeA3Ge5_YL8j02uw
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B9C0015B-5B7D-4C21-B458-89F41AEEA21A
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ldplayer.net/ Name: Hm_lvt_4ad6f2b6e43a838f496dedc942199563
Value: 1699383900
.ldplayer.net/ Name: Hm_lpvt_4ad6f2b6e43a838f496dedc942199563
Value: 1699383900
.linkedin.com/ Name: bcookie
Value: "v=2&8e011573-412d-4869-84e6-c278458986c9"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3089:u=1:x=1:i=1699383899:t=1699470299:v=2:sig=AQEmht4GjsmPHBzCFfXqTfzK5oC_Teg1"
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1699383899911
.tapad.com/ Name: TapAd_DID
Value: 31eee410-3768-439a-8f75-e2964218e7ff
.3lift.com/ Name: tluid
Value: 687282048886076904638
.bidr.io/ Name: bito
Value: AAEAY07KlRUAABgYSJpUAA
.simpli.fi/ Name: suid
Value: C270251CC8294682A6CC0DCFCDE43EC7
.mxptint.net/ Name: mxpim
Value: R35CAB_10BC9ACF0_6CFAB714.1.0000000000000000654A8A5B
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_8c717830-7da0-11ee-95e3-125335d52042
.primis.tech/ Name: csuuid
Value: 654a8a5be874a
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwNDA2NDM1MzcyMwcxLS2E-Ax1C1LMgzIsAlMiMkudACjYF8QlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwNDA2NDM1MzcyMwcxLS2E-Ax1C1LMgzIsAlMiMkudACjYF8QlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlpbGFsYWlpaWYGAEgv_VIQAAAA
.bidswitch.net/ Name: tuuid
Value: a2f84e17-eabd-4b63-ae9f-0af633f7c096
.bidswitch.net/ Name: c
Value: 1699383899
.quantserve.com/ Name: d
Value: EMUBCwGvKvijAA
.quantserve.com/ Name: mc
Value: 654a8a5b-ebc23-c8d44-8f842
.ldplayer.net/ Name: _ga_6PJR84EZXV
Value: GS1.1.1699383898.1.0.1699383899.0.0.0
.sitescout.com/ Name: ssi
Value: eeb97a49-6a34-4c77-b8c0-777d8a46f4e9#1699383899986
.ldplayer.net/ Name: _ga_59PCK5ER57
Value: GS1.1.1699383898.1.0.1699383900.58.0.0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-35d1521b-f6b0-5fb7-7d95-65b5470920a1.HIRTD9gMs93M9a28vDFs9mEEgDOE7%2FR8YC0gtMHQy7U
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-35d1521b-f6b0-5fb7-7d95-65b5470920a1.HIRTD9gMs93M9a28vDFs9mEEgDOE7%2FR8YC0gtMHQy7U
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANdFSG_awX7d9lWW1RwkgoSaEdkM.yHf4PAncx22XeHFj7ki2eihMdqit4jSA3UDJckjpRRw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ANdFSG_awX7d9lWW1RwkgoSaEdkM.yHf4PAncx22XeHFj7ki2eihMdqit4jSA3UDJckjpRRw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAglnDqoqNSVMcOT8pUWkn8WcZZEjkHedCR__vb3PH7QEHwYBCDclKqqBjABOgTtVOP9QgQRHDdr.BwZwZqbAO%2Fw4LB9sH024uI4lf51LYuwJRAe3uiORJBc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAglnDqoqNSVMcOT8pUWkn8WcZZEjkHedCR__vb3PH7QEHwYBCDclKqqBjABOgTtVOP9QgQRHDdr.BwZwZqbAO%2Fw4LB9sH024uI4lf51LYuwJRAe3uiORJBc
.w55c.net/ Name: wfivefivec
Value: 8USqmKUP1R0rnK5
.ipredictive.com/ Name: cu
Value: 5b0b922c-4fcd-406b-ad52-cec24283a804|1699383900021
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2GTuohvB^!]tbP6j2F-.aDabByFnKcwTAxcxYO`AT$96kB_(`=b76a@RJfy*qF1`*b^VW(Q-sc
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.bidswitch.net/ Name: tuuid_lu
Value: 1699383900
.smartadserver.com/ Name: pid
Value: 3881927734840604943
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:C270251CC8294682A6CC0DCFCDE43EC7&KRTB&23486-uid:C270251CC8294682A6CC0DCFCDE43EC7&KRTB&23489-uid:C270251CC8294682A6CC0DCFCDE43EC7&KRTB&23539-uid:C270251CC8294682A6CC0DCFCDE43EC7
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS&KRTB&19420-UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS&KRTB&22979-UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS&KRTB&23403-UuiP9ly8jvVJuNn0Vu6W9Fy5j6NJ5d2vUO8x-1SS
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2810316567267103198
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDRsMHxHXBIZM65na8PTg8w&KRTB&23025-CAESEDRsMHxHXBIZM65na8PTg8w&KRTB&23386-CAESEDRsMHxHXBIZM65na8PTg8w
.adnxs.com/ Name: uuid2
Value: 8535176339462545458
.tribalfusion.com/ Name: ANON_ID
Value: a5nt6ZasjyDjmTFM6EKNQgZcbJ2ymC3g7mY8dPqFYNfHqdnBRpbNSHYJOLf9QReF9S1JPZdO5KWvk2UBwQtRNWquv1bDEVm
.amazon-adsystem.com/ Name: ad-id
Value: A3Raj8D3SEqpocPPRvoNJLk
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553&KRTB&23418-eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-NdFSG_awX7d9lWW1RwkgoSaEdkM&KRTB&23334-NdFSG_awX7d9lWW1RwkgoSaEdkM&KRTB&23417-NdFSG_awX7d9lWW1RwkgoSaEdkM&KRTB&23426-NdFSG_awX7d9lWW1RwkgoSaEdkM
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-5b0b922c-4fcd-406b-ad52-cec24283a804&KRTB&23011-5b0b922c-4fcd-406b-ad52-cec24283a804&KRTB&23355-5b0b922c-4fcd-406b-ad52-cec24283a804
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CAB_10BC9ACF0_6CFAB714&KRTB&23092-R35CAB_10BC9ACF0_6CFAB714
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-bde329a8-225d-46fd-a117-303b5fe92031&KRTB&23340-bde329a8-225d-46fd-a117-303b5fe92031&KRTB&23498-bde329a8-225d-46fd-a117-303b5fe92031
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:8USqmKUP1R0rnK5&KRTB&23421-uid:8USqmKUP1R0rnK5
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.sharethrough.com/ Name: stx_user_id
Value: 01e63dec-3715-4222-968a-585ad2f1898b
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAG_03d9j3tdANG9AvfAAAAAAA&KRTB&22713-AAAG_03d9j3tdANG9AvfAAAAAAA&KRTB&22715-AAAG_03d9j3tdANG9AvfAAAAAAA&KRTB&23519-AAAG_03d9j3tdANG9AvfAAAAAAA
.turn.com/ Name: uid
Value: 3053997380392811454
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8535176339462545458&KRTB&23339-8535176339462545458
.rtbrain.app/ Name: sid_cross
Value: 8b8a6d29-7da0-11ee-a185-c239fb7755d1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: ed47806c-8dad-4996-9841-a3ef5ceb5700
beacon.lynx.cognitivlabs.com/ Name: ss
Value: mJYnETTZ4KmS3%2FzZ%2B0fTN7wTaEYLnSJvRgcjLxdyMc%2FV6kRJl4YfYn3aFm2baBsjsKv5m4Wmg3wRZChmDNRvQg%3D%3D
.adx.opera.com/ Name: UID
Value: OPUd9f478c13e074b899e9772f33fa9186e
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3053997380392811454&KRTB&23150-3053997380392811454&KRTB&23527-3053997380392811454
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUd9f478c13e074b899e9772f33fa9186e&KRTB&23485-OPUd9f478c13e074b899e9772f33fa9186e&KRTB&23524-OPUd9f478c13e074b899e9772f33fa9186e
.adform.net/ Name: uid
Value: 246106710764278111
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6341650345889727555&KRTB&23263-6341650345889727555&KRTB&23481-6341650345889727555
.creative-serving.com/ Name: tuuid
Value: 86adf3bc-f61d-4c58-82e9-c095d82e2d82
.creative-serving.com/ Name: c
Value: 1699383900
.creative-serving.com/ Name: tuuid_lu
Value: 1699383900
.contextweb.com/ Name: V
Value: 7MoAH4HihgZs
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 27ce4cfd246d1ff4
.hb.yahoo.net/ Name: visitor-id
Value: 3423855001523580000V10
.hb.yahoo.net/ Name: data-mag
Value: LOOPANM3-1W-DN8V~~63
.criteo.com/ Name: uid
Value: 05026310-4ddb-4e70-ba8c-de300203a5ce
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI4NTM1MTc2MzM5NDYyNTQ1NDU4IiwiZXhwaXJlcyI6IjIwMjMtMTEtMjFUMTk6MDU6MDEuMzg2NjcwNDc3WiJ9LCJydWJpY29uIjp7InVpZCI6IkxPT1BBTk0zLTFXLUROOFYiLCJleHBpcmVzIjoiMjAyMy0xMS0yMVQxOTowNTowMS4zODY2ODM0NDdaIn19fQ==
.audrte.com/ Name: arcki2
Value: fc3brtYFRP-SAaMwMan8f26zA!20220908!1699383901561!ip#38.132.118.67
ads.us.e-planning.net/ Name: CT
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1699383901
.audrte.com/ Name: arcki2_ddp2
Value: fc3brtYFRP-SAaMwMan8f26zA!20220908!1699383901802
.audrte.com/ Name: arcki2_adform
Value: 246106710764278111!20220908!1699383902014
.smartadserver.com/ Name: csync
Value: 79:05026310-4ddb-4e70-ba8c-de300203a5ce|141:fc3brtYFRP-SAaMwMan8f26zA
.e-planning.net/ Name: E
Value: APwi04KbDKg7aG4d
.technoratimedia.com/ Name: tads_uidp_37
Value: 008d9cd1-cac1-3d0c-9942-3d6c914e16fa
.technoratimedia.com/ Name: tads_uidp_44
Value: LOOMSNAQ-10-8WXB
.technoratimedia.com/ Name: tads_uidp_46
Value: 6669431697871819503
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAFl2oNwLN59QMFr1lvAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 91d1ca89-f043-413d-93ce-589d36d8f3ec
.technoratimedia.com/ Name: tads_uidp_61
Value: 212337026794370
.technoratimedia.com/ Name: tads_uidp_62
Value: 3423812981523557000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 4l3oRe1GTt5trOUngvlXplol5yQRmXwQ
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEAY07KlRUAABgYSJpUAA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-0aeca684-e8b5-4358-884e-4c5fe0a596c2-005
.technoratimedia.com/ Name: tads_uidp_77
Value: WTLnfSd5jkx9NLTzRu3NGlCVyqtuT7u4v5sKiKdfZ4U
.technoratimedia.com/ Name: tads_uidp_79
Value: c9a4d0e8-1487-4db4-87d6-4ded50070ff4
.technoratimedia.com/ Name: tads_uidp_80
Value: y-l41W9bZE2uG219kERtcB3ql8n1ehQjxF~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZUp58ntC7lVwvG0yii37-gAA&5074
.technoratimedia.com/ Name: tads_uid
Value: 74F893955201482E8D04FB9ACD3AF608
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231105093009+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.openx.net/ Name: pd
Value: v2|1699383898.4|iKvPvMgakWgy.bwuYhEgKg2f8
.audrte.com/ Name: arcki2_smart
Value: 3881927734840604943!20220908!1699383902431
.pubmatic.com/ Name: SyncRTB3
Value: 1700179200%3A63%7C1704499200%3A69%7C1700611200%3A35%7C1701907200%3A224%7C1700524800%3A5_54_264_71_8_176_196_99_178_48_21_104_250_234_249_165_166_81_240_231_7_46_3_96_22_238_204_220_56_13_243_233_55_214%7C1699920000%3A38_223_15_2
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEAY07KlRUAABgYSJpUAA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1700352000%3A257%7C1700524800%3A262_260_256_201_261_259_258_263%7C1699401600%3A248_255%7C1699920000%3A265
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1699405502661
.go.sonobi.com/ Name: __uis
Value: 09d951eb-14e5-4040-b7bf-fef7ebc8a175
.go.sonobi.com/ Name: HAPLB8G
Value: s8529|ZUqKY
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-5c638cbf-d8cb-319a-9b7c-8bfaec0919cb
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_86ef36b8-a1cd-4243-8617-dbed5a8d93e8
.casalemedia.com/ Name: CMID
Value: ZUqKXnUCjW-io7mK5mrXYgAA
.casalemedia.com/ Name: CMPS
Value: 4500
.casalemedia.com/ Name: CMPRO
Value: 4500
.ctnsnet.com/ Name: cid_d97cd3b322974f92af950c2cce21e25c
Value: 1
.rlcdn.com/ Name: rlas3
Value: 3jTfzopTGZq5Am7cQJ1avbvwSwc5L+L73wspyy7Yk6o=
.acuityplatform.com/ Name: auid
Value: 849493170895
.kargo.com/ Name: ktcid
Value: 47131bed-012f-0ab3-565f-756c54728f44
.mathtag.com/ Name: uuid
Value: 81a6654a-8a5e-4d00-af2b-340b7a0224a0
.rlcdn.com/ Name: pxrc
Value: CN6UqqoGEgUI6AcQABIGCLrqARAA
.thrtle.com/ Name: mc
Value: eyJpZCI6ImM5ZWJkMDU4LWRjMTUtNGE4NS05NmE4LTNiMmZmMDU1OGQyMiIsImwiOjE2OTkzODM5MDI4MDIsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-849493170895&KRTB&23428-849493170895
.bfmio.com/ Name: __187_cid
Value: B9C0015B-5B7D-4C21-B458-89F41AEEA21A
.bfmio.com/ Name: __io_cid
Value: 93554c35a90769c16ec35ff65bdbb8bfc6ea8442
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:81a6654a-8a5e-4d00-af2b-340b7a0224a0
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7526703031263288345P
.owneriq.net/ Name: pmc
Value: 1
.retargetly.com/ Name: _rlid
Value: 20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
.gumgum.com/ Name: vst
Value: u_a29955c0-ee31-4676-83a2-f3feedded0c9
.colossusssp.com/ Name: gtm_usr
Value: 3d96c5ae-073d-481d-a742-c3fa3cd62515
.colossusssp.com/ Name: lmg_r
Value: 76
.us.ck-ie.com/ Name: CID
Value: 998b88f26180a72dd6be104d095a5b9b4e95c537
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-add83cde-e0e9-4729-ab81-c991e1728845-005%22%2C%22nxtrdr%22%3Afalse%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: b43379e2-5a17-4dd3-a52b-ea400da091a2.468597903
.csync.loopme.me/ Name: viewer_token
Value: 4ae657c3-a629-4c92-bb21-14f27400c977
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nv2|7bq.0.1|8nM.0.1|7dN.0.AAEAY07KlRUAABgYSJpUAA
.c.appier.net/ Name: _auid
Value: NjMTF2HkCMuEVA_fX4pKZQ
.creativecdn.com/ Name: u
Value: evf0fyk3ylCPC5BhJDcI
.creativecdn.com/ Name: ts
Value: 1699383903
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-NjMTF2HkCMuEVA_fX4pKZQ
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5OTM4MzkwMDA0NSwiMjQiOjE2OTkzODM5MDMyNjMsIjU3IjoxNjk5MzgzOTAzNTc5LCIzOSI6MTY5OTM4MzkwMjY1NCwiNyI6MTY5OTM4MzkwMjY1NCwiNzAiOjE2OTkzODM5MDI2NTR9
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRWplSBC+mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVqZUgQvo90aGlyZFBhcnR5VXNlcklkIfuBNzb6QiQCmEMlAUVqZUgquEQlAUVqZUgquEVjMjBmYTZlNTctYjkzYy00YzVlLWI5MDAtMjk1YmY4ZThkNGZh+/uGdmVyc2lvbsL7
.shb-sync.com/ Name: smart_usr
Value: ee1a5f8a-b8b2-4d5b-8213-560448da5011
.shb-sync.com/ Name: smart_r
Value: 32095
.dotomi.com/ Name: DotomiTest
Value: 343c5d5df3f3129e
.server.cpmstar.com/ Name: USER_ID
Value: %a8%db%91%eb%f4%7b%19%a2%dfoT%c3%18%22%3e
.liadm.com/ Name: lidid
Value: 8c17a993-3fca-4e53-b885-88d2a0c5cd63
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2ex7:19e0~2ex7:18za~2ex7:19ai~2ex7"
.mgid.com/ Name: muidn
Value: na739m9Zsg5b
.mgid.com/ Name: __cf_bm
Value: UBNlWicAzMgIVrD.sMGsE4DqiUYxCZHr_dTfnXG8Sd0-1699383903-0-AaWpvWnaDwbJe2CiBdvJVxwpia0emdoM4UEJGacKqlsXYB53nG7NMAfzLHry16tQC1rBp6KoApj6VVocOs3125c=
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-add83cde-e0e9-4729-ab81-c991e1728845-005%22%7D
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxJ+8DFyTpfhdKS5Bv7H1ouoxdnNVF8ci15lbuAIFl07k9B1N4NS1wFazqSrjnN6YrnGe0J3hyh2VQ7DMcu1h88EheQ92NMcLV8bsm1clVNMrQ==
prebid-stag.setupad.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQVB3aTA0S2JES2c3YUc0ZCIsImV4cGlyZXMiOiIyMDIzLTExLTIxVDE5OjA1OjAzLjEzNzkxMjQ0WiJ9LCJvcGVueCI6eyJ1aWQiOiI4OTE3MzY3ZS04N2EzLTAzODQtMDRhMS0yYjJjZmYzMWJmZjEiLCJleHBpcmVzIjoiMjAyMy0xMS0yMVQxOTowNDo1OS4xMTIyMjkwNzFaIn0sInB1Ym1hdGljIjp7InVpZCI6IkI5QzAwMTVCLTVCN0QtNEMyMS1CNDU4LTg5RjQxQUVFQTIxQSIsImV4cGlyZXMiOiIyMDIzLTExLTIxVDE5OjA1OjAzLjcyMzk2Njk5MloifSwic21hcnRhZHNlcnZlciI6eyJ1aWQiOiI1MDMwNTQ4ODY0Nzg3NjI2MTQxIiwiZXhwaXJlcyI6IjIwMjMtMTEtMjFUMTk6MDQ6NTkuOTU2MDE5NTA0WiJ9fSwiYmRheSI6IjIwMjMtMTEtMDdUMTk6MDQ6NTkuMTEyMTgyMTM5WiJ9
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-add83cde-e0e9-4729-ab81-c991e1728845-005&KRTB&17107-RX-add83cde-e0e9-4729-ab81-c991e1728845-005
.pubmatic.com/ Name: PugT
Value: 1699383902
cm.mgid.com/ Name: mg_sync
Value: {}
.bluekai.com/ Name: bku
Value: rtT99aIvuZVGwF/v
.bluekai.com/ Name: bkpa
Value: KJy9CyOTd02pSUHknp/T1pxlwthoqVk6wE9ZSVx21MOZREjkBEz+RMApR066RpPknV/81e9+1MANRZRTjECABsjCJ7Jkjsk0wVC65cOpJEBOJEJsJEJsRUOyn7Jk5sa0jtP6qcArRt2+JEJszlkrR0DpH7BojYDpHYD0Ba2YuN2PPDkWJE/tzskAJEBWmx19trGoWQ==
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.retargetly.com/ Name: _rlmp1
Value: 2||1699383903&&9||1699383903&&11||1699383903&&13||1699383903&&14||1699383903&&22||1699383903&&23|eeb97a49-6a34-4c77-b8c0-777d8a46f4e9-654a8a5b-5553|1699383903&&24||1699383903&&27||1699383903&&51||1699383903&&70||1699383903&&72||1699383903&&74||1699383903&&76||1699383903

23 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/setupad/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3593861583707338&output=html&h=280&slotname=6722833559&adk=945474129&adf=251707511&pi=t.ma~as.6722833559&w=810&lmt=1699383898&rafmt=11&format=810x280&url=https%3A%2F%2Fpt.ldplayer.net%2Fgames%2Ffinanciamento-lojista-on-pc.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699383897698&bpp=1&bdt=1216&idt=471&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600%2C0x0%2C810x280%2C810x280&nras=1&correlator=8426645240781&frm=20&pv=1&ga_vid=206618511.1699383898&ga_sid=1699383898&ga_hid=1320612970&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079405%2C44807455%2C44807460%2C31078301%2C44807405%2C44807753%2C44806140%2C44808149&oid=2&pvsid=4494613412077999&tmod=268320227&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=TqNG8F0KBK&p=https%3A//pt.ldplayer.net&dtd=475
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=667055444829&ctd=10034&crid=3255&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8oQmWopKZf3jFsGKvPIP8uqgIPqPheZtoIOoxa0NwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEogJP0HWpyl9EBZoLJBDRhcPNa-b0KsvZehQwAkXqEqLDtbzH-0XDxhLS31WBoSitEgeZAbLl1EBtAi_hWQvkJwFPOno-TVBRqlqnfKJuwKPRlFffffTQ-tknH26VzbV5Bx_UGcD8P02esK-tT9JuXC5oNZJJKooTGhps3Tm8FZCRMPW_v_KspzUVdSR_GvRvail8hAZKWwFaoJV4hRKbF25nADCeF3MmdJG4xSFbYzPj7daEyP7dxMfrLz6khZhj9fbYe9DEfHeoIzPXxVyejs0AXY2lyHT0Ic2t3E9xWiKOLG6gD_lmTwiddv6xviS_YnoCgsSCE2M0FowQ4pRgFdkFX6s4TUp1XuN9ZjhdpvaLT94Rx2Kt5wu2kJ3YcNos0GQE5IAGl7jg4of07aumAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1PhKRWGvLR7rTV0Ncb_WDIwItRXA%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWgAFsf0ITwVBAAg1cheCfmYZeIqrsGo97w
Message:
Access to font at 'https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=667055444829&ctd=10034&crid=3255&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8oQmWopKZf3jFsGKvPIP8uqgIPqPheZtoIOoxa0NwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMzU5Mzg2MTU4MzcwNzMzOMgBCagDAcgDAqoEogJP0HWpyl9EBZoLJBDRhcPNa-b0KsvZehQwAkXqEqLDtbzH-0XDxhLS31WBoSitEgeZAbLl1EBtAi_hWQvkJwFPOno-TVBRqlqnfKJuwKPRlFffffTQ-tknH26VzbV5Bx_UGcD8P02esK-tT9JuXC5oNZJJKooTGhps3Tm8FZCRMPW_v_KspzUVdSR_GvRvail8hAZKWwFaoJV4hRKbF25nADCeF3MmdJG4xSFbYzPj7daEyP7dxMfrLz6khZhj9fbYe9DEfHeoIzPXxVyejs0AXY2lyHT0Ic2t3E9xWiKOLG6gD_lmTwiddv6xviS_YnoCgsSCE2M0FowQ4pRgFdkFX6s4TUp1XuN9ZjhdpvaLT94Rx2Kt5wu2kJ3YcNos0GQE5IAGl7jg4of07aumAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1PhKRWGvLR7rTV0Ncb_WDIwItRXA%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWgAFsf0ITwVBAAg1cheCfmYZeIqrsGo97w
Message:
Access to font at 'https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20B9C0015B-5B7D-4C21-B458-89F41AEEA21A&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LOOPANM3-1W-DN8V
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://u.4dex.io/setuid?bidder=smart&uid=3881927734840604943&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=667055347494&ctd=10034&crid=3265&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzBIXW4pKZauECOrHjvQPjOCG-A36j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQngAgCoAwHIAwKqBN4CT9B68xkcOn9JFjhUQ0gp0lUFddAuyam2ntX0UO9K3ChAMdWMJboS0ujXvurd4SKRb5U4IDeOcYAGknsE5PAvMJTqnInmiAHU30M-IkK34LFgn_mfHO8l6q0BuNIiw39sLX7sfGaz_4awJxJ8TYrRp9xeGHMrpMu8erf8tbw3un9asd0a00CXwYOBsTdqoRrzrWzdiQcQccYypwZ3FrljuR6GrRzUaPkqzcVZIpyvnqXd_-wDmhvIkZ7OxdZKWbwSz7kCPinP_l3JgKTz97j1e5XT8NMNM93eIsLDRKBOMAbU5XL7H_tqbIANk2RMWiBkkmGNPRFv0C3au9QUT4NU7WN-xI4z7h3HSqc_gKRqMWEnhjBTRUclyigz90kqi4qJVNRNjWlKnSO5AIs-OPYJDxDf0t6_e6atgv-Ku4yWcuh7ML8m9JWy4dO4Xd3HyPKfpc56gRxyxBhAcIM2Yw7gBAGABrqNrPqzkODjhAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3-dOdNMwX8h01b7bPnGkGW_1wVpQ%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWwACAisIg6PqAAGwDJKMB94oj9IFv0kjBA
Message:
Access to font at 'https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://8proof.com/app/rtbmarkup/5111?id=667055347494&ctd=10034&crid=3265&cue=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzBIXW4pKZauECOrHjvQPjOCG-A36j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM1OTM4NjE1ODM3MDczMzjIAQngAgCoAwHIAwKqBN4CT9B68xkcOn9JFjhUQ0gp0lUFddAuyam2ntX0UO9K3ChAMdWMJboS0ujXvurd4SKRb5U4IDeOcYAGknsE5PAvMJTqnInmiAHU30M-IkK34LFgn_mfHO8l6q0BuNIiw39sLX7sfGaz_4awJxJ8TYrRp9xeGHMrpMu8erf8tbw3un9asd0a00CXwYOBsTdqoRrzrWzdiQcQccYypwZ3FrljuR6GrRzUaPkqzcVZIpyvnqXd_-wDmhvIkZ7OxdZKWbwSz7kCPinP_l3JgKTz97j1e5XT8NMNM93eIsLDRKBOMAbU5XL7H_tqbIANk2RMWiBkkmGNPRFv0C3au9QUT4NU7WN-xI4z7h3HSqc_gKRqMWEnhjBTRUclyigz90kqi4qJVNRNjWlKnSO5AIs-OPYJDxDf0t6_e6atgv-Ku4yWcuh7ML8m9JWy4dO4Xd3HyPKfpc56gRxyxBhAcIM2Yw7gBAGABrqNrPqzkODjhAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3-dOdNMwX8h01b7bPnGkGW_1wVpQ%26client%3Dca-pub-3593861583707338%26adurl%3D&ap=ZUqKWwACAisIg6PqAAGwDJKMB94oj9IFv0kjBA
Message:
Access to font at 'https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2' from origin 'https://8proof.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.8proof.com/assets/fonts/montserrat-v25-latin-800.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOOPANM3-1W-DN8V&ripv6=2001:550:1d05:1::6
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=e6152164cc48dbeb
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)B9C0015B-5B7D-4C21-B458-89F41AEEA21A
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://idsync.rlcdn.com/712188.gif?partner_uid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=B9C0015B-5B7D-4C21-B458-89F41AEEA21A/gdpr=0/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=20fa6e57-b93c-4c5e-b900-295bf8e8d4fa
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8proof.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.us.criteo.com
ads.us.e-planning.net
adx.adform.net
analytics.google.com
api.retargetly.com
apipt.ldplayer.net
apis.google.com
app.retargetly.com
b1sync.zemanta.com
bat.bing.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cadmus.script.ac
cat.va.us.criteo.com
cdn.8proof.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs.krushmedia.com
csm.us.criteo.net
csync.loopme.me
dbb4b8b68ef9488fdadacf8b62107483.safeframe.googlesyndication.com
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
encdn.ldmnq.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.rtbrain.app
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hm.baidu.com
i.clean.gg
i.e-planning.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imageproxy.us.criteo.net
ipac.ctnsnet.com
lb.eu-1-id5-sync.com
ldcdn.ldmnq.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
node.setupad.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pdp-cdn.retargetly.com
pdp-service.retargetly.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
play-lh.googleusercontent.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid-stag.setupad.net
prebid.a-mo.net
prebid.adnxs.com
prg.smartadserver.com
pt.ldplayer.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
retargetly-match.dotomi.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rtb.va.us.criteo.com
s.amazon-adsystem.com
s.e-planning.net
s.tribalfusion.com
s.yimg.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
setupad-d.openx.net
simage2.pubmatic.com
simage4.pubmatic.com
sp.analytics.yahoo.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
syncv4.intentiq.com
t.adx.opera.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
u-iad04.e-planning.net
u.4dex.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
us.shb-sync.com
us01.z.antigena.com
usersync.gumgum.com
widget.eu.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
cdn.8proof.com
sync.richaudience.com
103.235.46.191
104.36.115.111
104.36.115.113
124.146.153.165
131.153.172.92
141.95.33.111
147.135.94.208
147.75.195.55
15.197.193.217
151.101.66.49
159.89.25.223
162.19.138.117
162.248.18.34
162.248.18.37
165.254.203.172
172.105.203.31
172.217.13.98
172.240.155.100
172.64.151.101
172.67.68.162
172.98.26.242
172.98.26.245
172.98.26.246
173.231.178.83
174.137.133.32
178.250.7.11
18.160.18.62
18.160.46.59
18.210.186.30
18.211.228.116
18.67.76.99
185.167.164.39
185.184.8.90
188.166.17.21
195.5.165.20
198.148.27.131
199.127.204.171
199.38.167.130
2001:4860:4802:36::178
2001:4998:14:800::1000
205.234.175.175
207.198.113.230
207.198.113.88
216.200.232.253
23.105.12.136
23.203.241.151
23.216.137.114
23.223.209.211
23.32.172.185
23.36.85.188
23.37.113.15
23.47.170.102
23.83.76.39
23.83.76.85
23.88.86.2
2600:1f18:4e9:5a02:14c3:cc7e:2a56:2ee8
2600:1f18:ed:550f:c919:35a9:9cba:2762
2600:9000:2479:5600:1b:6b7d:2300:93a1
2600:9000:24f4:1a00:f:2cbf:3a40:93a1
2600:9000:24f5:9400:1a:5235:f980:93a1
2602:803:c002:300::97
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:108d
2606:4700:1::6813:844c
2606:4700:20::ac43:4bf1
2606:4700:4400::ac40:994e
2606:4700::6811:190e
2606:4700::6812:1791
2606:4700::6812:18ad
2606:4700::6812:1f31
2606:ae80:1451:18::1690
2607:f8b0:4004:c0b::9b
2607:f8b0:4020:804::2001
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2004
2607:f8b0:4020:805::200d
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::200e
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::200a
2607:f8b0:4020:807::200e
2607:f8b0:4020:807::2016
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::485
3.162.125.73
3.213.91.23
3.223.92.136
3.224.166.52
3.82.133.217
34.102.253.54
34.111.113.62
34.149.135.28
34.149.40.38
34.150.170.96
34.200.65.202
34.225.59.34
34.227.124.92
34.233.202.199
34.251.59.251
34.95.69.49
35.186.193.173
35.190.60.146
35.211.178.172
35.214.162.203
35.227.252.103
35.244.159.8
35.71.139.29
37.157.6.233
40.76.134.238
44.218.53.191
51.222.239.230
52.116.53.150
52.200.82.255
52.44.65.34
52.46.128.147
52.95.115.196
54.145.174.153
54.146.239.191
54.147.207.87
54.165.64.233
54.167.230.104
54.87.127.173
54.88.170.211
63.251.86.49
63.34.193.74
64.74.236.95
68.67.153.61
68.67.160.132
69.166.1.66
69.90.254.78
74.119.119.139
74.119.119.147
74.119.119.150
76.13.32.146
8.18.47.7
8.2.108.175
8.2.110.134
8.2.110.17
8.2.110.33
8.28.7.83
8.39.36.142
8.43.72.97
8.43.72.98
82.145.213.8
99.84.191.93
99.84.208.112
00c81b263d0ff57fd30eab231ae9bd150335a862be26fcff9079de077d603487
0169437956aa765bb12f74e618d7862f422b2d03cd60ae6a1f5a3d0d82a4e745
02e352b140d14a51c1d66d16a19cd9be5f59b919e5b06a431312b37f966d6cfc
035aa5d11e5faaf0793aa73c7d81e3ea4e0f2437e49a71c6b93c6f534b14d433
077f56ae156f91774f40dc56d9addbca37bb19a8bdb3472876acb36538d8d3c2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0943fdf6c62d2bd617c3eee485a93bb0de4358b940654d6b84aacfd6793c32ac
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a8210787927700f4dcf7b1a5cc93b02b21b151359f5c29073bdb3b1e089d153
0aac002679cc94de90bce1b283fc4a89647ca95badc0ae151138734cd81b7902
0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1035d04932b70e39938ea6a55ca7df7689c18201396548b3c38894445ada2847
11eea7e45a8b985f966fe436afeb2f51b83215ea07616ed0b336c976477ce06e
1465a97e35c2024fa2914d7762c656eb6237ccecd6e71a4adb706093120d90c8
14fd9022e526ec04d4ccbe1a4c72b956930e97fbf2784e09e6d367ea26e71366
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1c5e06289f4fa63c0018d47707d8d08dbd9a8c1c3db8207502c75711326cf097
1d8b44b2c5eb04e7e7e2b859bcc9f213c6e9581638168f7d6fd86380a9b35d40
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f0214b4fb4a8043c535429eab0a6eac075fad6c2a479210f0d140f02201cc04
2006f59e41854548ca4e701cd2203c0e727328e275ca4845bb6c6983e79658d2
202e37a545a4eb72a627858f452b72621660e23918092e612a2dd4b922db7e4c
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e
25203d9e24924be10eb685e1464ba9674db3f0694d281ca9fa4fa9c295c0c650
26493180d9c6409494824d65a9b3acd36a84e3172399cc60df67a12815455bf1
26891ac7786fedeefab0d7b5bb65f0b9699eeb33c0e77d9ebbfc4f134c5bb516
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
29bc5573c66ed910e2fada11cc37fb9a51b017aef0928b2c2af759fda95a3131
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d47bdabf018867363190368dd9181264b95a66b47de3be954f19d564763e09b
2d8853644d036d7c26dd017558d46631da41deed6324f0c2d12065c4f4e2ddb2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9b6e9c868ee773f8ae051969af0dcc62e6d7ec2b6e961eb3e46e17056f4ce9
2f02eb1358d0a44ed3306fc4d991b63139cbc7dcf72ea3582bf03bce9141cdd2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
309f3ab3441aeafb0b828ba3f1ef3bf6ec4886f034f8c3a2af14ce345320ea60
30aba18549cbc008581fa76796a3dae4791d8f84e90d02dc3dfa8c438e18633f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3253ebd8d1a3c41f020b8e18e84bf61b96b0c1bba646b047fa90d87e72438371
32c03a59d4544c78b10f643f2c34d73d186953061bd1d2df69d5679112a10c9a
32eb202674cc299996d6b2056a7aa67480a6b134fd6d553b3085e20420eada09
368a0b9953c4d1be5708383dc8baa8d818ebb3cded0fbddeed5315658d4be6d6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
375e8eed276974ea986820fe59c2ecc2458a4c3699c4deccbb2ab6b723c1a07f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39a268fda0b2f2099a2df8d8c03602c3b7f2b0810c3c5dae9592240066a3f439
3c30a93588ea8529d675744c18266953f8cc013d79d427d11531f01d0a6bb790
3c6d2a38d3112e13184f64d15d7462b8a0d123a024895331941fa29078eabefa
3d03db41bcb427987125a483a1623120a2fe804cb240d34d65456fdfcfb778f8
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4066d9ec7726346bc2fe8ee03ae059c4f51d6bcfa3d96281df44858d6325b55d
420bbf00d533278565c6e8e6307f1d974a3fea1627410aef0d5ecffb792834c0
437e6a843b5eca8d0a597d6acfd1402ce2051a4cd5571ffd40c30774722fa803
43efec7f1527f96e1aa0ec3ebe52296866320bda96fc126b68c79f6d8f4eb95b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
4597a77c1db9dbd0a33684ebdce638203a1359ef4bae7fd819b813bcc2daf382
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474039b8a912be870e429a44768f19badc7c0883f84a0586b6723907edfeb5ce
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b13f5bd6003603ac840999a8d93c2192e8d9681687ccc8574b1c1b00108a498
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd5e291e2019279222ffb3bf57de474873eccaf64eeb3f07750bfe7c02c631d
4dbcac3719180e58d03faefee9f5e747005786b6f1753aff38521c9752327a9d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efa8fd3e6ceb0f9e5c09436c95e053d7f275f8c4fba8e1927b87fadeacb69d0
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
50e854be9f60138faf6c2a1ae1256d76a22f73904949ffefa0d151cba4cea754
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54faa5ca5c23f80ca70688f1da0583e273af31ca4b68dff1dc596267d07fb293
55d4b1d90f89e2cf2d9db4c6c427c998f2e0aa133254b80a377f31eb46b0dbc9
55f13eaab3d3237cec445d49104fd21a0822fdab2f0b543ff491f2f877a74af5
5cb47558e69f1a358fce8e08760b065554ef407d3a394e922bc014cc98577652
5ce464c8287c80c99163a32c3c02d03a95ffc4b9ec1e18b7f84abc6b61667774
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
64510d72a8108e9a45ec55fed2854fd795ed43f91593076201f4bc723f08b7ab
6688838cc7716335ef7a2e4255f048c617fd6ec1264f9ff8f4755077759cfafa
66a12777ee081b53b06ccdf4baeeb99b321327236c0c7bd91dc8955c9026dcfa
6759feac786ffe41b6e09b347355c8448cd5fdb9d1d47152bffcf559de7bf55f
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6a6a1f0999465a0f793dff32f9d660289235e0998e27ff340a0ccfba19f12c74
6a6df6fe5aaa5c369c636843224dfc70233fe476f1d1d9e7335101b8a4f64bdb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b56ddc3da0759afa4ea112c212b61af934a6a47a4d5b65041d2d76158615aee
6cf5c3825606c3a20ce5336747ba03bc4b8f8189fd66e64905d7af63348bcf40
6e5dca2717099d44f538f8c090e531774f2ad4fc1c935b2158d04da225c6f124
6e677bb52b2d83a4b9e9acf68f8e897f25442c592160a72fdec4d66654ef45ce
6f6cb8ab3e99cbc397649f55df8ef267bc65d5a2fde29b350ba4ec90376267d3
6fd16a14867b950b9421650d73a2b764f3da7606d969cb1fa1ee65d93ec9e7d7
6fe74c1ac1934858ac578709a5a123f53fefac219b686cd39af86de3da0fa544
70db5b9348916a1a5fc1fa55777f1598c05504d60fca514e68a250fcfe8d28b1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e4bea7d6ff5d28a63fffeff98d2b4388e5cf27351c1811f54d32635d03074a
7454f0ddca741a56b186d7e37a3af5afd253e92d27005874af708bd0dccd19b4
76ae36b1d89ff8a1eef04651ac0fd65cab6648127c13ccaf5346897ecdc41012
77081a7e7c7f5a0727c567b8904f492ea917edfed8da266b58b9f0d9bc135ad2
7aa742be653fae350e8363257d79c15f663aef950e9c90d1230bd4c33501b6f5
7b1820dcf0ba561648f5e1c1a5f074c6a11fe12f9f795f9838c20dad6ac1702d
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
7cf4189c7370acceaf3284e043f5c1c54d5abfba595fbdcb1520d4b18d8b04d3
7f622f88919863e27acd80d58b054b1afa1446602775d9fbd13a7143f674012d
7f7876d8fdef35cf47f3dbec128e50d2e5f6051e7700b0f2df075a83187666d0
8061a7ed1089309933bdad03baa51aab10b22c4827ce92b177d5b4feb34f9ab9
80c60cf2842c8a1f32fdcc87ed58cff8a8be8004c43ceb33a4707b6930486413
811b5a0721c545fa5a5084d5223e17957fabd150938bee5b93ac8a5f94eeb0f4
822d9701acb42b4ec4119abc3973bbdd216c3acc268dee93b277238724bcbb68
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
844fb024346d9969a4d4ade46298ee706c8c86348ebbdc29e42fc617b232bdc5
85513addfb92c943c9bb5bbe3ec8f9454fd12625c906081f8c09ad099aaf4300
87cb3f981317ccf5ad632f64e531aa7da8d49571127cfa1f142483a085f89d82
89753ef455d232d0c68770ac0aea747c69f74f4f67cb4fd06fe2bd8dcabff5e5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a556cdd57482298a64ecac411e78550125656c3fc42595ae6000a9c5b8853d1
8ba12a2510f60caad343e9c996fca81f8889c5762d78541ed4f7fa4ca8e965ba
8c334b427d09a690413e3633da9f43a624f1ec55619f87f57ae848bfbebdcc27
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9065f6dc10de73004d61ec8d9587db4d3e73450a1e682f2b39f231af25f8613f
91fb784e8633d4474708eb265d54bd681937847ce5bcb3e89fa7596cc6379188
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
958bfe42948f047b7ee4d0dcaf1028b84710a5639d8db15121a8bff7cf700ddf
967b4d06fc53dfebc8006e8b92f29b7676445d84cd91c9d009f5a77e6b5cdeef
97805c721b1c9b241663729fd6437d42672ec0cb79ccfd4b804ebbeffbd5eb16
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a0e951cee522b4ab8feb102d4d262970985af4a7ba1ebf434926b81770c5aed
9aabfeb94e07868164d8a9e14a7b6d0a7ee4a9b36f225a6f1cea70eeaaa1bf9a
9b11ad6d818471c5f7cee16722caf233d195718fb25f47fbefff74c295d3ce09
9b150be99850bfa35390723c37e103822059609124bf9e886adb30de09dadfb7
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e3f43528bd19e1672439a69d4eaa3acbce4013925adb5319f886a2c2973ebd4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1383e607a7bcf319a8e9bc71c7cbc40267ad0eac91bbab2f8b1a008e5423205
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a35024e1ba7763de7ca1bf798102c5ada917b98cd020bcfd523cceb73314b5d5
a43fca718a3f29d6c5817925ba0df5c686779c3cc6fc35a455ac6d15a2511476
a45d95f15a9204076259f3d914663cec9587f3042770501ed7f595cc28645e58
a5202dc62bfd0cc5becca711f9af316ab604a3652ac1b86d5961afa5128be431
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79239acbd722003ea398bb364df76ced1cd338aa84bfe76ecc31888cbf96f18
a9b5cebe35dbb48bacdc4260be4a8aeed653e4b2ab6c02884400eab65d59908a
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
abb466d690ea4eab8d1e37002acc314c832e0ba867f3d7978645032db4fdf029
ac9cd585667114f86a8ed7607625fdd8cedeeababd6516b649de5739fec1cdca
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad2a9c429cbc2eeff1fee9dbde9f1dc0ee5a9806b06205f81fca33ecff3ea28e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2040fdd460a647ab55faa3597a714dccaed4bd3eda8f4ed7c9aede9cf99ad7
af7bd56d3112a05dbe41de9b7550e8ebfbee656e33fa9c852dc0082a14d7a1df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e05f2ba7e21d6eb55045fe225f4bf3c5b2dab63d1ea36b878d9d3f551b3554
b1e9d600d551dc15ec9ae553b0e21d1faa8cd5d42f6fbb46faf8111201002174
b2d9a02148fd46c283e25951b57dfa1c3627020e633366fcf72f2679e1c15985
b2ddba2747cb391af2f19c7d4e30258d4c3fc9e78d28808b141ba13b65438606
b3547f654c0f3914b730f58ca48fc0cedfdbf1a1245f6716e9296df7c416e3df
b3eda51bb1c8d5c2e23b2019edbd407cc7947934afbaa13b631db4b9261f2714
b62d0a2a11d9df654c90530290689d25f59869f5edaf3a4acf82a4961db088c3
b6d163f6ac847d2ae411128f4a3b9397034b109bff2bfd4db86182761eb1bbd6
b916de3b4d79f9586b879e88761bea89ae5a4529f70c321be40a69b9ee6eb1fe
b9dd41d26a351f2c6b4fc0ac59e138c75b06740eb5152d86d84b53bce3219263
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf2eeb7e1f5a23f225e8356966ff8ebe77ef3c3420b77cbc7852a6f290c2dc4
bd1792039052bda65ba1ae363d8a3aa63d7e25c36c066b628748491e15cd8439
be52ff5d5406d354e00a70abbb9b8c87d0660e071aac6b604d8d7d4f703e799c
bf64d162c4007872cea5c188bbbf2a285d565363fcc674785511570cc8c6c65c
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c04cfb87f2ee744ebb8686426c5f9c6c5af6e5a321a25c8498f071df7c302520
c055f10b99b5f55f46aab73d7b803d5161d1617736cbd04648c7241e426a6b11
c1fb46b1b624ff40905bdb57f36f0e17b5ad3685596b7bca85b71b2ed758a04d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c42264ce6b9ba64fc8c878a225d4a6281aa2c39389e546acfc315ed7a2e415f9
c4c1a5b9ad86d122a39fbf80113e23b12edaa7e3a28eaa3e37d205832a730bde
c9818f99b0e30da8dd46436953e1dfcf00f1c67e7671ccc7b0001702b3c826a0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce397fcd680732b7add4428b18edb8c7d6a89e7d7c6efce6b3093b8d5a13160a
ce98b1f7068fe4eb5d2cb975d6c80893bd441d13cbb25b28bf4ae4af1c6da73a
cf242ced2a749ec13a46b60fa8e1d8376f9986761c25c174919cc6fe6678a745
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9a84e1558e2922805e36adeaa3b33ea3ea0e83aa1c06c973cb3736cc926fe5
cff9e31bc258bbd5f48dc7375b962e21b43587cf6fc2e18494a9cc1c1dac1c83
d072c1178f00bf45b975595c8078dbda43ed2fd26325bb2ae761a6cb56f71fff
d35b5819bb578eca110d3eee756a7dfcbef9575d8904595b5f0754d499c933fb
d3b6cb89347c29fdb61545172403ca507a1f9a6348648efd54e38f9375658898
d408aa65d7d24d320d73be3b6ddf6a3a9c1823c92d79b06a29fa0fe134a82707
d43786654b60e741ab27e69b81e9ec9888976e054c6fdd9d48dd635e34b7bdc8
d5322c97a4a9c58dc45d5ca103af207741061bd368e6fcc93198108cc355d1f8
d5b5229591b74f5c421ba1aa38d6fa48d86585c285492bdb742359ddfb328805
d6003a63c4a2770b126999dcbe6eaaec114af8c3b8d1b884124b07e6006b689c
d94bda53b771b844d42fd6bace1e6db91fe72c6cd9b7cd51e8da3d57109348d4
d94c224d64c17921e1722468ac6b69b7a8306d8be9bf5b3f28e3743c069fb7e4
dd1a3c12592bcfb23523a42abbc48c66a355cadcafbb234e8bba87eef2f6cc82
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee4990543958ba68e658ea4b5f2350b45778242448a4cb6150d5670a9adb478
dffd1840523436dc0d7279bb977091ac40c61c577b57be8885e56c6a7647b181
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c82aeed01c02783c3cd94e7dc9496d850a87dc1a653a72dbfe3126b3e23d79
e453077ebf0f5cf10cc975d322becbc3121c1998bf0f94b3cf5eabaea1cf0644
e4666d245cd4da4127e8a2ec30c9bd43bd40d40d24ae9eb0e323c485880aa10e
e5bfeba3c483bd708ece2037522732009658881e13be20e38799525f1905caf9
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
e9290a7aa4dcfa7ce562ea45d98422de57ebe799036d069d4fe4e75ee036d2f9
e9e1541294ad1b2c4d9020af4ea4b3a02cc87d14cc164a129099bec183a63ed9
eaf68b8382a7596a5e94d4701953be8984b2abb074250a67e8def64efb6c2866
ec6fb9d22bf8a0a7a8aa07a5c177193c96f293470373ae83ced9afdc620f7b87
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04db8faf23fc09e57dc875f295a32e3897cd2158e0e6cf824f80921fb4df09d
f1b7ce4b79799fcb7699fdaf50b8d2412e6f35d4d5ff75de80024ea25f554f07
f2337d4e2f9bff9d017b56e351587eb551a7bedf5e155ca7d463d8b4ebdfa488
f36c7d76fdd5fe543f05e07db9ef6c2f3010bed4ab9960b6af9af269d75ecfaa
f5aef68848917c078b2faeab39c6317c7102f082cc3c619bcdf458287658a7b1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8435f304402699c56159c30ace88558213916b987587a0ebbe84d9abc7410ef
fb6463e6dac6043ec3340b21358a8d0acd6704e866009f44e863415cc590f4cb
fb74f6c85cace13979c47123ddd61937c52516a0860b0653e5e7df100e13c66f
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdb0283edbd4e5933444da95741c15ca183a0836914659e63caf4d2092a2934d
fde723d8755e20fb26aa9d307783be6dfc2608d4b6731a278133c98507b11e45
fe93f7fec9dddc23f8e4112a39e174f9df463575e6c23fc536c6c37af3d39ac5
fefd57c0feb7d046c14d05d213bf2297c327f3182fee123ed89fa8bfe554b7ff