urlscan.io logo urlscan.io
SecurityTrails logo

tjoose-by-santander.softonic.com.br Open in urlscan Pro
35.227.233.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://tjoose-by-santander.softonic.com.br/android
Submission: On November 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 13 countries across 109 domains to perform 384 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is tjoose-by-santander.softonic.com.br.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 23rd 2022. Valid for: a year.
This is the only time tjoose-by-santander.softonic.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 35.227.233.104 15169 (GOOGLE)
2 2600:9000:24e... 16509 (AMAZON-02)
4 2607:f8b0:402... 15169 (GOOGLE)
19 2607:f8b0:402... 15169 (GOOGLE)
7 2607:f8b0:402... 15169 (GOOGLE)
15 151.101.193.91 54113 (FASTLY)
21 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2607:f8b0:402... 15169 (GOOGLE)
2 4 172.217.13.198 15169 (GOOGLE)
1 13.249.181.27 16509 (AMAZON-02)
3 18.161.23.84 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:402... 15169 (GOOGLE)
6 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
4 162.19.138.119 16276 (OVH)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:402... 15169 (GOOGLE)
10 2607:f8b0:402... 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
3 208.115.232.150 46475 (LIMESTONE...)
2 11 63.251.86.51 10913 (INTERNAP-BLK)
1 3.225.65.162 14618 (AMAZON-AES)
1 3.138.212.158 16509 (AMAZON-02)
1 178.128.135.204 14061 (DIGITALOC...)
12 16 68.67.160.137 29990 (ASN-APPNEX)
3 17 172.64.151.101 13335 (CLOUDFLAR...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 18.239.168.67 16509 (AMAZON-02)
1 18.161.31.77 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.13.102 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 104.18.35.167 13335 (CLOUDFLAR...)
2 162.19.138.120 16276 (OVH)
1 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 139.45.240.92 57304 (RUBY-AS)
13 2607:f8b0:402... 15169 (GOOGLE)
2 18 52.46.128.147 16509 (AMAZON-02)
1 17 51.222.239.232 16276 (OVH)
14 15 199.127.204.142 26120 (RHYTHMONE)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
2 3.223.229.49 14618 (AMAZON-AES)
4 23.220.188.219 16625 (AKAMAI-AS)
12 23.195.94.138 16625 (AKAMAI-AS)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
3 4 216.22.16.5 30633 (LEASEWEB-...)
2 3 52.223.22.214 16509 (AMAZON-02)
14 20 172.217.13.194 15169 (GOOGLE)
15 15 15.197.193.217 16509 (AMAZON-02)
7 8 44.205.140.116 14618 (AMAZON-AES)
2 2 18.161.34.37 16509 (AMAZON-02)
5 5 199.38.167.130 54312 (ROCKETFUEL)
1 107.178.254.65 15169 (GOOGLE)
1 1 35.208.249.213 19527 (GOOGLE-2)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 8.43.72.97 26667 (RUBICONPR...)
4 4 198.148.27.131 19189 (PULSEPOINT)
1 1 52.223.40.198 16509 (AMAZON-02)
14 35.172.99.217 14618 (AMAZON-AES)
11 11 35.211.178.172 15169 (GOOGLE)
2 2 5.161.124.197 213230 (HETZNER-C...)
4 4 52.73.146.218 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
3 3 54.144.102.175 14618 (AMAZON-AES)
2 3 38.91.45.7 398989 (DEEPINTENT)
6 6 50.31.142.191 23352 (SERVERCEN...)
4 4 185.167.164.39 198622 (ADFORM)
1 1 124.146.153.162 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
5 5 23.1.200.83 16625 (AKAMAI-AS)
21 42 69.173.151.100 26667 (RUBICONPR...)
4 8.28.7.81 62713 (AS-PUBMATIC)
1 2607:f8b0:402... 15169 (GOOGLE)
2 6 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
1 9 8.28.7.83 62713 (AS-PUBMATIC)
1 1 35.194.66.159 396982 (GOOGLE-CL...)
6 18 162.248.18.37 62713 (AS-PUBMATIC)
4 4 34.200.65.202 14618 (AMAZON-AES)
3 8.28.7.84 62713 (AS-PUBMATIC)
1 54.239.38.253 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
8 8 54.152.44.123 14618 (AMAZON-AES)
1 1 2600:9000:24e... 16509 (AMAZON-02)
1 1 2600:9000:220... 16509 (AMAZON-02)
1 18.239.168.37 16509 (AMAZON-02)
1 23.40.179.63 20940 (AKAMAI-ASN1)
1 147.75.198.144 54825 (PACKET)
2 3.229.232.144 14618 (AMAZON-AES)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
2 2 192.132.33.67 18568 (BIDTELLECT)
4 4 74.119.119.150 19750 (AS-CRITEO)
1 34.149.50.64 15169 (GOOGLE)
1 2 35.190.60.146 15169 (GOOGLE)
17 44.227.56.135 16509 (AMAZON-02)
1 52.200.68.59 14618 (AMAZON-AES)
1 18.205.170.196 14618 (AMAZON-AES)
2 104.18.38.76 13335 (CLOUDFLAR...)
12 23.195.92.23 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
1 13.249.190.82 16509 (AMAZON-02)
1 1 172.67.10.198 13335 (CLOUDFLAR...)
6 6 8.28.7.82 62713 (AS-PUBMATIC)
2 4 204.2.226.29 2914 (NTT-LTD-2914)
1 1 45.137.176.88 60350 (VP)
1 1 54.208.7.195 14618 (AMAZON-AES)
2 2 188.42.34.64 7979 (SERVERS-COM)
3 6 23.83.76.106 395954 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 151.101.66.49 54113 (FASTLY)
2 2 173.231.178.115 32475 (SINGLEHOP...)
1 2 50.17.251.244 14618 (AMAZON-AES)
1 34.195.156.160 14618 (AMAZON-AES)
1 52.205.149.190 14618 (AMAZON-AES)
4 4 2606:ae80:145... 25751 (VALUECLICK)
1 34.196.172.118 14618 (AMAZON-AES)
2 2 207.198.113.88 13768 (COGECO-PEER1)
2 2 74.121.140.211 30419 (MEDIAMATH...)
2 2 213.19.162.90 3356 (LEVEL3)
1 1 63.251.28.133 26558 (FREEWHEEL)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2 18.233.15.134 14618 (AMAZON-AES)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 34.231.99.255 14618 (AMAZON-AES)
1 2620:100:a001::c 19750 (AS-CRITEO)
1 1 69.166.1.34 27630 (AS-XFERNET)
3 23.56.220.66 16625 (AKAMAI-AS)
3 3 52.23.71.199 14618 (AMAZON-AES)
2 2 35.207.24.140 15169 (GOOGLE)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 1 52.7.162.39 14618 (AMAZON-AES)
1 2 52.206.205.175 14618 (AMAZON-AES)
1 1 82.145.213.8 39832 (NO-OPERA)
1 34.252.126.63 16509 (AMAZON-02)
2 4 54.156.21.254 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 35.214.180.112 15169 (GOOGLE)
1 44.216.205.237 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
384 99
5    35.227.233.104 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 104.233.227.35.bc.googleusercontent.com
tjoose-by-santander.softonic.com.br
softonic.com.br
2    2600:9000:24eb:8800:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
4    2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
partner.googleadservices.com
googleads.g.doubleclick.net
www.googletagservices.com
7    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
15    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
sc.sftcdn.net
21    2600:141b:1c00:488::29cc (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
images.sftcdn.net
2    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net
8876029.fls.doubleclick.net
12325200.fls.doubleclick.net
1    13.249.181.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-181-27.bos50.r.cloudfront.net
www.datadoghq-browser-agent.com
3    18.161.23.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-23-84.bos50.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.adsensecustomsearchads.com
6    2600:141b:1c00:19::17c8:580c (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
articles-img.sftcdn.net
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
10    2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
3    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
11    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
ce.lijit.com
1    3.225.65.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-65-162.compute-1.amazonaws.com
ad.360yield.com
1    3.138.212.158 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-212-158.us-east-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
brightcombid.marphezis.com
16    68.67.160.137 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
17    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.239.168.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-168-67.bos50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.161.31.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-31-77.bos50.r.cloudfront.net
aax.amazon-adsystem.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
ad.doubleclick.net
1    2607:f8b0:4020:804::201b (Montreal, Canada)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
lexicon.33across.com
1    139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)
notix.io
13    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
18    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
17    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
15    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    3.223.229.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-229-49.compute-1.amazonaws.com
rtb.gumgum.com
4    23.220.188.219 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-188-219.deploy.static.akamaitechnologies.com
ads.pubmatic.com
12    23.195.94.138 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-94-138.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
4    216.22.16.5 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
3    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
20    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
cm.g.doubleclick.net
15    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    44.205.140.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-140-116.compute-1.amazonaws.com
i.liadm.com
2    18.161.34.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-37.bos50.r.cloudfront.net
live.rezync.com
5    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
data.adsrvr.org
14    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
11    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    5.161.124.197 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.197.124.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
4    52.73.146.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-146-218.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2600:1f18:4e9:5a02:a344:818b:7db4:692b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    54.144.102.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-102-175.compute-1.amazonaws.com
sync.ipredictive.com
3    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
6    50.31.142.191 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
42    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
18    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    54.152.44.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-44-123.compute-1.amazonaws.com
match.prod.bidr.io
1    2600:9000:24ef:d400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:2209:9200:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.239.168.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-168-37.bos50.r.cloudfront.net
sync1.intentiq.com
1    23.40.179.63 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-63.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    3.229.232.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-232-144.compute-1.amazonaws.com
match.sharethrough.com
1    2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.67.bidtellect.com
bttrack.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
17    44.227.56.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-56-135.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
visitor-us-west-2.omnitagjs.com
1    52.200.68.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-68-59.compute-1.amazonaws.com
exchange.mediavine.com
1    18.205.170.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-170-196.compute-1.amazonaws.com
cs.yellowblue.io
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
12    23.195.92.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-92-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    13.249.190.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-190-82.bos50.r.cloudfront.net
api-2-0.spot.im
1    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
6    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    204.2.226.29 (Springfield, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    54.208.7.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-7-195.compute-1.amazonaws.com
jadserve.postrelease.com
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
6    23.83.76.106 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    173.231.178.115 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
2    50.17.251.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-251-244.compute-1.amazonaws.com
thrtle.com
1    34.195.156.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-156-160.compute-1.amazonaws.com
crb.kargo.com
1    52.205.149.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-149-190.compute-1.amazonaws.com
sync.bfmio.com
4    2606:ae80:1451:20::1690 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
prebid-match.dotomi.com
1    34.196.172.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-172-118.compute-1.amazonaws.com
rtb.adentifi.com
2    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    2600:1f18:ed:550f:8363:f8d9:31ef:349f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    18.233.15.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-15-134.compute-1.amazonaws.com
dpm.demdex.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    34.231.99.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-99-255.compute-1.amazonaws.com
um4.eqads.com
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    23.56.220.66 (Eden Prairie, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-220-66.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
3    52.23.71.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-71-199.compute-1.amazonaws.com
pm.w55c.net
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    52.7.162.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-162-39.compute-1.amazonaws.com
rtb.adstanding.com
2    52.206.205.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-205-175.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    34.252.126.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-126-63.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
4    54.156.21.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-21-254.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    35.214.180.112 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 112.180.214.35.bc.googleusercontent.com
csync.loopme.me
1    44.216.205.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-205-237.compute-1.amazonaws.com
bpi.rtactivate.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
Apex Domain
Subdomains		 Transfer
63 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
117 KB
45 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
image8.pubmatic.com — Cisco Umbrella Rank: 662
53 KB
42 sftcdn.net
sc.sftcdn.net — Cisco Umbrella Rank: 111773
images.sftcdn.net — Cisco Umbrella Rank: 92468
articles-img.sftcdn.net — Cisco Umbrella Rank: 221933
388 KB
41 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
8876029.fls.doubleclick.net — Cisco Umbrella Rank: 254586
12325200.fls.doubleclick.net — Cisco Umbrella Rank: 283137
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
ad.doubleclick.net — Cisco Umbrella Rank: 154
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
210 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
86 KB
23 googlesyndication.com
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
292 KB
18 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
visitor-us-west-2.omnitagjs.com — Cisco Umbrella Rank: 5285
8 KB
17 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
7 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
12 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
29 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
data.adsrvr.org — Cisco Umbrella Rank: 5710
6 KB
16 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
usersync.gumgum.com — Cisco Umbrella Rank: 2098
5 KB
16 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
cs.media.net — Cisco Umbrella Rank: 1513
c21lg-d.media.net — Cisco Umbrella Rank: 2513
37 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 157
ampcid.google.com — Cisco Umbrella Rank: 2931
adservice.google.com — Cisco Umbrella Rank: 105
55 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
5 KB
11 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
10 KB
10 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6263
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
4 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
7 KB
9 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
5 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
4 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
3 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
cdn.id5-sync.com — Cisco Umbrella Rank: 863
66 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
gum.criteo.com — Cisco Umbrella Rank: 454
2 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
5 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
3 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
2 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
18 KB
5 softonic.com.br
tjoose-by-santander.softonic.com.br
softonic.com.br — Cisco Umbrella Rank: 647756
224 KB
4 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
prebid-match.dotomi.com — Cisco Umbrella Rank: 2253
1 KB
4 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
242 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
339 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
lexicon.33across.com — Cisco Umbrella Rank: 1497
5 KB
3 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3792
sync.richaudience.com Failed
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484
839 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
836 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4186
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
749 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
685 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
1011 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
768 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
751 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
685 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
534 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
559 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
2 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2315
551 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
2 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
589 B
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 409
fonts.googleapis.com — Cisco Umbrella Rank: 31
8 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 adsensecustomsearchads.com
www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2716
53 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6418
97 KB
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1570
109 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
225 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
674 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
363 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 7554
357 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
592 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
721 B
1 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2479
273 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
516 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
35 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1180
359 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
4 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
598 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1578
774 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2822
672 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2826
458 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1590
326 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
186 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1735
284 B
1 gstatic.com
fonts.gstatic.com
16 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
647 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
555 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
732 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
659 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
821 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
374 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 988
580 B
1 notix.io
notix.io — Cisco Umbrella Rank: 17058
266 B
1 marphezis.com
brightcombid.marphezis.com — Cisco Umbrella Rank: 19722
247 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
384 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471
48 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
412 B
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 adsymptotic.com Failed
p.adsymptotic.com Failed
384 109
Domain Requested by
29 pixel.rubiconproject.com 15 redirects s.amazon-adsystem.com
rtb.gumgum.com
onetag-sys.com
21 images.sftcdn.net tjoose-by-santander.softonic.com.br
20 cm.g.doubleclick.net 14 redirects ce.lijit.com
rtb.gumgum.com
u.openx.net
s.amazon-adsystem.com
onetag-sys.com
18 simage2.pubmatic.com 6 redirects s.amazon-adsystem.com
ads.pubmatic.com
18 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ce.lijit.com
rtb.gumgum.com
u.openx.net
ads.pubmatic.com
17 onetag-sys.com 1 redirects s.amazon-adsystem.com
visitor.omnitagjs.com
ads.pubmatic.com
onetag-sys.com
15 match.adsrvr.org 15 redirects
15 sc.sftcdn.net tjoose-by-santander.softonic.com.br
sc.sftcdn.net
14 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
13 token.rubiconproject.com 6 redirects eus.rubiconproject.com
s.amazon-adsystem.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
13 securepubads.g.doubleclick.net tjoose-by-santander.softonic.com.br
sc.sftcdn.net
securepubads.g.doubleclick.net
www.datadoghq-browser-agent.com
www.googletagservices.com
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
12 contextual.media.net softonic.com.br
contextual.media.net
12 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
visitor.omnitagjs.com
contextual.media.net
11 x.bidswitch.net 11 redirects
11 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
10 visitor.omnitagjs.com s.amazon-adsystem.com
softonic.com.br
visitor.omnitagjs.com
onetag-sys.com
ssbsync.smartadserver.com
10 sync.1rx.io 10 redirects
9 image2.pubmatic.com 1 redirects s.amazon-adsystem.com
ads.pubmatic.com
8 match.prod.bidr.io 8 redirects
8 secure.adnxs.com 8 redirects
8 i.liadm.com 7 redirects
8 pagead2.googlesyndication.com www.datadoghq-browser-agent.com
tpc.googlesyndication.com
www.googletagservices.com
8 ib.adnxs.com 4 redirects softonic.com.br
s.amazon-adsystem.com
acdn.adnxs.com
7 visitor-us-west-2.omnitagjs.com visitor.omnitagjs.com
7 ce.lijit.com s.amazon-adsystem.com
ce.lijit.com
7 www.google.com tjoose-by-santander.softonic.com.br
tpc.googlesyndication.com
securepubads.g.doubleclick.net
6 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
6 image8.pubmatic.com 6 redirects
6 pixel.tapad.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
6 b1sync.zemanta.com 6 redirects
6 articles-img.sftcdn.net tjoose-by-santander.softonic.com.br
5 secure-assets.rubiconproject.com 5 redirects
5 us-u.openx.net 2 redirects u.openx.net
5 p.rfihub.com 5 redirects
5 sync.targeting.unrulymedia.com 4 redirects s.amazon-adsystem.com
4 pmp.mxptint.net 2 redirects visitor.omnitagjs.com
onetag-sys.com
4 dis.criteo.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 www.googletagservices.com securepubads.g.doubleclick.net
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
4 image6.pubmatic.com ads.pubmatic.com
4 c1.adform.net 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
4 sync.srv.stackadapt.com 4 redirects
4 bh.contextweb.com 4 redirects
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
softonic.com.br
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 ad.turn.com 4 redirects
4 ap.lijit.com 2 redirects softonic.com.br
visitor.omnitagjs.com
4 id5-sync.com softonic.com.br
www.datadoghq-browser-agent.com
4 www.googletagmanager.com tjoose-by-santander.softonic.com.br
www.googletagmanager.com
sdk.privacy-center.org
3 pm.w55c.net 3 redirects
3 creativecdn.com 3 redirects
3 match.deepintent.com 2 redirects rtb.gumgum.com
3 sync.ipredictive.com 3 redirects
3 eb2.3lift.com 2 redirects s.amazon-adsystem.com
3 api.btloader.com www.datadoghq-browser-agent.com
3 shb.richaudience.com softonic.com.br
3 c.amazon-adsystem.com softonic.com.br
www.datadoghq-browser-agent.com
3 softonic.com.br tjoose-by-santander.softonic.com.br
softonic.com.br
2 sync.crwdcntrl.net 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 cs.media.net contextual.media.net
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 prebid-match.dotomi.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 sync.mathtag.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects
2 cm.adgrx.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ads.betweendigital.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 id.rlcdn.com 1 redirects visitor.omnitagjs.com
2 bttrack.com 2 redirects
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 match.sharethrough.com s.amazon-adsystem.com
ssbsync.smartadserver.com
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 sync-dmp.mobtrakk.com 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 live.rezync.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 lexicon.33across.com 1 redirects
2 lb.eu-1-id5-sync.com softonic.com.br
www.datadoghq-browser-agent.com
2 ad-delivery.net tjoose-by-santander.softonic.com.br
2 adservice.google.com 12325200.fls.doubleclick.net
8876029.fls.doubleclick.net
2 bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.id5-sync.com securepubads.g.doubleclick.net
tjoose-by-santander.softonic.com.br
2 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
2 analytics.google.com www.googletagmanager.com
2 www.adsensecustomsearchads.com www.google.com
www.adsensecustomsearchads.com
2 btloader.com 1 redirects tjoose-by-santander.softonic.com.br
2 12325200.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 8876029.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
2 sdk.privacy-center.org tjoose-by-santander.softonic.com.br
sdk.privacy-center.org
2 tjoose-by-santander.softonic.com.br softonic.com.br
1 d.turn.com 1 redirects
1 bpi.rtactivate.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ums.acuityplatform.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 t.adx.opera.com 1 redirects
1 rtb.adstanding.com 1 redirects
1 cms.quantserve.com 1 redirects
1 c21lg-d.media.net contextual.media.net
1 sync.go.sonobi.com 1 redirects
1 gum.criteo.com contextual.media.net
1 um4.eqads.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 ssbsync-global.smartadserver.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 rtb.adentifi.com
1 sync.bfmio.com
1 crb.kargo.com
1 sync.technoratimedia.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 sync.adotmob.com 1 redirects
1 csync.smilewanted.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 acdn.adnxs.com softonic.com.br
1 js-sec.indexww.com softonic.com.br
1 cs.yellowblue.io s.amazon-adsystem.com
1 exchange.mediavine.com s.amazon-adsystem.com
1 s.seedtag.com s.amazon-adsystem.com
1 fonts.gstatic.com fonts.googleapis.com
1 prebid.a-mo.net s.amazon-adsystem.com
1 hb.yahoo.net s.amazon-adsystem.com
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 image4.pubmatic.com s.amazon-adsystem.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com s.amazon-adsystem.com
1 fonts.googleapis.com bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 data.adsrvr.org 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 trace.mediago.io 1 redirects
1 pippio.com ssum-sec.casalemedia.com
1 ssbsync-us.smartadserver.com 1 redirects
1 notix.io
1 cdn-ima.33across.com tjoose-by-santander.softonic.com.br
1 storage.googleapis.com tjoose-by-santander.softonic.com.br
1 ad.doubleclick.net tjoose-by-santander.softonic.com.br
1 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 hbopenbid.pubmatic.com softonic.com.br
1 htlb.casalemedia.com softonic.com.br
1 brightcombid.marphezis.com softonic.com.br
1 hb-api.omnitagjs.com softonic.com.br
1 ad.360yield.com softonic.com.br
1 prebid.media.net softonic.com.br
1 ampcid.google.com www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.datadoghq-browser-agent.com softonic.com.br
1 partner.googleadservices.com www.google.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 p.adsymptotic.com Failed
0 sync.richaudience.com Failed softonic.com.br
384 171

This site contains links to these domains. Also see Links.

Domain
www.softonic.com.br
roblox.softonic.com.br
chrome.softonic.com.br
www.softonic-ar.com
de.softonic.com
en.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
www.softonic.cn
images.sftcdn.net
play.google.com
www.facebook.com
x.com
api.whatsapp.com
formfacade.com
tjoose-by-santander.softonic-ar.com
tjoose-by-santander.softonic.cn
tjoose-by-santander.softonic.nl
tjoose-by-santander.softonic.com.tr
tjoose-by-santander.softonic.jp
tjoose-by-santander.fr.softonic.com
tjoose-by-santander.softonic.vn
tjoose-by-santander.softonic-th.com
tjoose-by-santander.softonic-id.com
tjoose-by-santander.it.softonic.com
tjoose-by-santander.en.softonic.com
tjoose-by-santander.de.softonic.com
tjoose-by-santander.softonic.ru
tjoose-by-santander.softonic.pl
tjoose-by-santander.softonic.kr
tjoose-by-santander.softonic.com
play-cine-0ok.softonic.com.br
pobreflix-full-hd-movies.softonic.com.br
hyper-filmes-e-series-7ci.softonic.com.br
cine-vision-v4.softonic.com.br
tyflex-brasil-8cq.softonic.com.br
lie-detector-test-prank-evr.softonic.com.br
sinhala-stickers-wastickerapps-for-whatsapp.softonic.com.br
tjoose.softonic.com.br
wooden-house-design-cfq.softonic.com.br
tds-tv.softonic.com.br
gem-joy.softonic.com.br
parkour-maps-for-minecraft-pe-u7i.softonic.com.br
truck-horn-h1o.softonic.com.br
memy-atakuyut.softonic.com.br
namma-water-your-water-tanke.softonic.com.br
contacts-hacker-prank-your-friends.softonic.com.br
sad-shayari-sad-shayari-hind.softonic.com.br
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.instagram.com
www.linkedin.com
fetchrss.com
Subject Issuer Validity Valid
*.softonic.com
Don Dominio / MrDomain RSA DV CA		 2022-12-23 -
2023-12-22		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
s4-san.cloudinary.com
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
s1-sni.cloudinary.com
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-13		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
notix.io
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
va-ad-exch-dev-eks.dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M03		 2023-08-14 -
2024-09-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.omnitagjs.com
Amazon RSA 2048 M01		 2023-04-17 -
2024-05-16		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh

This page contains 69 frames:

Primary Page: https://tjoose-by-santander.softonic.com.br/android
Frame ID: D70EF489A985E918A2661D40884DECBF
Requests: 111 HTTP requests in this frame

Frame: https://8876029.fls.doubleclick.net/activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Frame ID: 0B300E9B65264A090F88BCA3070A09C3
Requests: 1 HTTP requests in this frame

Frame: https://12325200.fls.doubleclick.net/activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Frame ID: 58A73F3CB9D11EBEC670E7058F88295E
Requests: 1 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=pt&cpp=5&rpbu=https%3A%2F%2Fwww.softonic.com.br%2Fs%2F%3Frscp%3Ddsk_rscp_pt_pp%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r4&nocache=3771699972585804&num=0&output=afd_ads&domain_name=tjoose-by-santander.softonic.com.br&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1699972585805&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=5388&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Frame ID: F662B2B56E29521B25FA8048D9E7E7AD
Requests: 2 HTTP requests in this frame

Frame: https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30F863B624436ABBAC1F97B79FAF5E99
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Frame ID: E722CC6157137C03D8E13D13FCEB81C5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Frame ID: A79A3D86F4F75CFFBC2EE191BD3E3350
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Frame ID: B60EA4972C3C09D9C45DD04F12733609
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 309C60BEC9373EA0909E26D8F50C029F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4A985721D1CE4A696D2F9244F892125F
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: F36104D96FB651A1187AC3C7D70A9FB8
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: AFA1883922457911498EDBFF159E54B5
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: 3A31CB4DD2B4B7AE77EDA2AAABBF9FC6
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 4F4EFCCD2C2D37A5D40FFE370FDEA9A6
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 9D08A0CE96D2CE86E1DC30903583A332
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: D13F9649AFA82CDB504E3A67F903E790
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=282789838519766230&gdpr=0&gdpr_consent=
Frame ID: B31E3047ED98324D60B1AA627280DA30
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Frame ID: B38EBC72CAF2D24E227DA1115FB8EAE9
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1374257891300936435884
Frame ID: 3DF9E2E31BB956C30094B05F58F8B29E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5695382660300420470&gdpr=0&gdpr_consent=
Frame ID: 67E0DF655168913E19655955542876D6
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kZTlmNjE0Ni1hMjA5LTRmNzItYjdiZS00ZTkxMmUwNmU1ZGU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: C57DB99127B1661F9CE81057B2961CD7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 5D62086824701D5E05D7A484C9ECA1CF
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e392a2f1-0fab-4fd3-878d-9fce34a36334
Frame ID: A5C2A01D4DA2B9CBDC2E932F80ACCF53
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVOF68Co8YIAAGXJxOwAAAAA
Frame ID: A3DB37F2458212AD4A97FE0DB8BE56E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=gumgum&tc=1
Frame ID: 9F47B53A42DF13C712690DA99699FE60
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CCAFA07810C4623CC7DC174644EFDB50
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveQZ1VAAcYv0NEiBQn6Yp-suTOcfAI7vWlSKEAl4fpkO9hezY0g-xUjz5SbZzGZYStHr3Jv8TbqZ1gwcVMfp3Ikwwv2H5sWponhbZBbCdz8bMcxrBxOT-Co-6lWmdl8YXjh50M8v8pk3aNz3BAL__SwnpDsI2gdShMyUWoCOQE8AsT3tzUTBp8b4Jb4j7RvVMZ32rf5YLl6YGDoo7B0rAVOHUk6iv98zvt1Pbi__rWh29frpqHYnbnfekimHUrelG5bJ2LyFwcov6zd1o1XYsRkzgHxoGgnmHpvkByi2-48fp1J8ISlEHdYXVjjrcId_SRG2s4x5hOGxJcmurCA3X1ygRzogiHE4FxwKgcYEWDvDiJY7wHW9JkJbjibxUlCwpGKl01TDpusBBJsbP4KIZQKJ7y3lzmin40d8jW04wtWyGJlMP20CdOdma625ftMdpY&sai=AMfl-YTtiNCMj7gMlZklWOunHP6tM4Kb5XKb32hzhuOp-h5Y-LuYNoHdP8AzE6eDYWaIQiv6wpSW8Tmms_yG1xkWd505JesCwaxQ9R8hfmXMtAlwJXeX1QfTCMPEkI7Bi54&sig=Cg0ArKJSzBylxxLi7OaJEAE&uach_m=[UACH]&adurl=
Frame ID: FD4A0705531B4337F0774E393CB39E9C
Requests: 9 HTTP requests in this frame

Frame: https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5701DAF9E5CE081BADB06C8CB1B7BD2E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwSuk1SrKUyrcEEelJXKTTDNQ5tS-9nWDwg0FiaqtAWrCQRPZHQ0snhiR1MXevjusiX9Nhg-sgwhA6gqMdWepzD0LAlMRdyfAkfONEQ5A4ceDCcQLBwhekCNsLhWOH-PiU2v8nNVa6VWtCLXbyvtiWKygFAsLA7a4iutS1tah9tTXTxx9kLXi448kG05cmBbf7VdQJGHQ7iaurfcNaFntL-0eDLSmmGGrpMxPTb3v76DGOj8OzZ0e0KIjTUTTC7XONIGl7Phw9dnXmzl57uq6U9yMNYtAufG6FMaKAgHDQgfDtLxMGL7BnH9gqnbXRh6JgkdS6NNbdx2OfO02E0PwjGkEhU25nNObZI3S_BjHSleDpXK-aoSfFHgQ6CqDs_0c8M6ZNH9ITYllGi_mY2e_0GZzRGxleG4MfKUZ2eHyj4iPQm4x-oJeX1bwr2TrW6IC6HP_fuG8NoDM&sai=AMfl-YQ_4vyXGfVaumcsMjTZmV6NZu5s73l15yJqhoOeQsxZDYbRFdnVF0CJwSL-CEQlOfK7XfcfWvn-vjOBHhzhWsOlvwDS_ydGTUwrI1S8-NgtMxdrsseB632p3cyMlds&sig=Cg0ArKJSzDL7UwgWMweMEAE&uach_m=[UACH]&adurl=
Frame ID: E23EC585C62DD3529C40166951CB4277
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLp6pTYW0taGKXRB0x-BKlCROB3Pf6EjcoYuPcQRyhPqcS_QAkHa-dkkKd8wS7Vn93-qxvF6CbKChP9_sopqUg1g1JKz81py7ibL63zqbetM1O7lGyt2v1feaAdHHn3jke6jP8R4yMRKkKEkWs0wLKQNqsoI6-1z9iVKxV8sv1rCTrRaV4ly82kf95VrvFveIAMKn4OYF2yh8yc165fK0FWg8euDqKjMFyekdOhdjhfUkWQoYOXmbn5zHxOLST9WXMzRntRVGoOjNwGG2eVYIV5DyIetXRckvCh8t-3zXlpoHQPVNbyazyaCDOvQjxCzDm6bE8XzWPDRA26GLS2Jwz4a2R3uIHzWEdxuyIoOm40lhf_k3nLKEdRxLHqOW56JOuOtIz98TFVrUxouKa_PkZirCkM3Yj4oV7AmRftDQQp_eeXt5lHIFa3Q&sai=AMfl-YRRtkcVGk_tn3778-42jLyC0W25nqZ5SUDXb0ZYS9ot7Fj1OftSflapMR_kbFNHO3o7pIBT4hrxR3_rnskTXdEqE-HWdFp9Y6v7GI5BXsQ94b-9oDed0_0xkZFeXs0&sig=Cg0ArKJSzJ-HgDS8EcrjEAE&uach_m=[UACH]&adurl=
Frame ID: AF7068A0ECFE3A1ABAEF2A85B9725633
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&redir=true&gdpr=0&gdpr_consent=
Frame ID: E1306C33C8F5563D2E8A42D9AA945A6A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Frame ID: FADCB886A6374C5BB44001E481275B80
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7196F2803B2C9F4FEA1352DFA3A6CAD8
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 338A2E47DF380DA084AE192D200ECF06
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 50460C049B878BE17878581D30A9EDE3
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: DA008BB022DE9B9F7DC43129521D4029
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3FA88A075CC8AF7DA7080CEE096F048F
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4111521597
Frame ID: 269AE786F8D13267553652B9501C7DFC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 0B2FC2DA36C2D1AF4E7AF9A92F7C8C68
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 05506599F0C3991176C72467FE1A5DF8
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 1840B915A59EBBFE9396F8FCF12A4F2F
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: F3500587E719EB1A14F1FCFFA958D054
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: D9B055209436BA0BC2C31EDE03602A47
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 01F93627F449515B173B9688D8A4A704
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACGxE7KpwwAABMX00rB8w&gdpr=0
Frame ID: 1811149EB0758D3916FABA8377CBC6D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041073707268864632&gdpr=0&gdpr_consent=
Frame ID: 4F5123BAF1EBBE06D732244680A6BABE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVOF7QADxRszbgBi
Frame ID: 64AA801611F8F480FE5A7221E315FAB6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cd3e3df23eea457791e56
Frame ID: 0E243C4FE4CB4E7D34F6564D546A510D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Frame ID: 5C68F90B9E6D81020B2AAA6C66B5EA36
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=141348c9-bfe6-4d9e-9b67-989f1de95576&expiration=1707921389
Frame ID: 49C0A28E6A9F6052976409A3CB4FA9A4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: E834B5BEAC47AE30EB031D1F03618147
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=rkt&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=1797288127491930335
Frame ID: 0E0B82B044705BAD265EDE22E95F83F9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It
Frame ID: 3729D41B559DAF120548A1D17CC5E16E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 266558FF5E7C2C76E3C520F57EE6AF92
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288127491930335
Frame ID: 05D737DE8204A1B89A9B0E0EA2821582
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
Frame ID: 26BF65725A06541715989B84A560E1CC
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4B5B23B4AFF08FB991C2829BD9BFF55C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 348463E67DEAC7B7B29B14ECC224F974
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AGJjbQI31R2UwJ5&gdpr=0&gdpr_consent=
Frame ID: 5756801657EFD1B49FF17E86A2A4C1F3
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Frame ID: A368128FA3380BC4684A12FD459BFDA4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5cd9caa4c5e743c39c9c8f2494bb37b8
Frame ID: 0618FC024817F7A3595C8CAC19C48AEE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Frame ID: 0F454D80B7E8D140901EA106985E03F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 473E839EC6EAFFB7B74733AA3BD3C757
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: F34350248075E53D0863D13698FAC54A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=852393758830
Frame ID: 5F4ADFBCB24CC5817F1352F6DC189D39
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: DB8A6DE6F2F9DC8DA12BB87B26304539
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3141619A7EF3F12D1D7FD79EB8FA3955
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
Frame ID: ADC4B253BD85C91DE88E18E0B7467FF9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Frame ID: EFAB4275819ADAEA80AD04B2DC3BD257
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

tjoose by Santander para Android - Download

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

384
Requests

67 %
HTTPS

23 %
IPv6

109
Domains

171
Subdomains

99
IPs

13
Countries

2429 kB
Transfer

6592 kB
Size

244
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://8876029.fls.doubleclick.net/activityi;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid HTTP 302
  • https://8876029.fls.doubleclick.net/activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Request Chain 27
  • https://12325200.fls.doubleclick.net/activityi;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid HTTP 302
  • https://12325200.fls.doubleclick.net/activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Request Chain 35
  • https://btloader.com/tag?o=5633429348548608&domain=en.softonic.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Request Chain 107
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.2.0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.2.0&us_privacy=1---&b=1&g=CqvMHJoQUj36%2BfQz4I9ti5hubzY0N3f2UjQfwqGnz0k%3D
Request Chain 112
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Request Chain 120
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1699972587154 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1836398369 HTTP 302
  • https://sync.1rx.io/usersync/turn/3686961782716869042?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Request Chain 122
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Request Chain 125
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Request Chain 126
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=282789838519766230&gdpr=0&gdpr_consent=
Request Chain 127
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Request Chain 128
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1374257891300936435884
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVOF6.xSY4415Nzh3mEKZgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
Request Chain 132
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e392a2f1-0fab-4fd3-878d-9fce34a36334&expiration=1702564587&gdpr=0&gdpr_consent=
Request Chain 133
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b7f51c9672c3499cbee4f0d01342a45d HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b7f51c96-72c3-499c-bee4-f0d01342a45d HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=889247f7-77b3-4323-ba8a-92f2d95729b4%3A1699972587.4885225&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D889247f7-77b3-4323-ba8a-92f2d95729b4%253A1699972587.4885225%26pid%3D500040%26it%3D1%26iv%3D889247f7-77b3-4323-ba8a-92f2d95729b4%253A1699972587.4885225%26_%3D1699972587.4930732&cb=1699972587.493126 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288127491930335&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D889247f7-77b3-4323-ba8a-92f2d95729b4%253A1699972587.4885225%26pid%3D500040%26it%3D1%26iv%3D889247f7-77b3-4323-ba8a-92f2d95729b4%253A1699972587.4885225%26_%3D1699972587.4930732 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=889247f7-77b3-4323-ba8a-92f2d95729b4%3A1699972587.4885225&pid=500040&it=1&iv=889247f7-77b3-4323-ba8a-92f2d95729b4%3A1699972587.4885225&_=1699972587.4930732 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1699972587.4930732&iv=889247f7-77b3-4323-ba8a-92f2d95729b4:1699972587.4885225
Request Chain 134
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632
Request Chain 135
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c496bd7ed1322kl7500loyfsb8h
Request Chain 136
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZVOF6.xSY4415Nzh3mEKZgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZVOF6.xSY4415Nzh3mEKZgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662077745369803
Request Chain 137
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6041073707268864632
Request Chain 141
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOYFSBAJ-1-46X5&gdpr=0
Request Chain 142
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=jbWWcYzkm0UW&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 143
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1699972587194 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4114144722 HTTP 302
  • https://sync.1rx.io/usersync/turn/3614904188678941106?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Request Chain 144
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHA4TWpCWkh2LThmTFMyTlFoU1A4RkRn&gdpr=0
Request Chain 145
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
Request Chain 146
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6041073707268864632
Request Chain 147
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_de9f6146-a209-4f72-b7be-4e912e06e5de&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_de9f6146-a209-4f72-b7be-4e912e06e5de&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=2b154613-a2ec-4d70-a2eb-98faeef7a3d3 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NWM4ZTk1NjhiNzM5NjE5OA&gdpr=0&gdpr_consent=&us_privacy=&ssp=gumgum2&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 148
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=686d253f-5186-07b7-2071-f0641ed446de
Request Chain 149
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42
Request Chain 150
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3z9Wb4ZE2peGZGGbomyLKVwMUiPfRMN2u5ao~A
Request Chain 151
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=61646941-44f5-4768-b56c-8ed88233b33f
Request Chain 153
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_de9f6146-a209-4f72-b7be-4e912e06e5de&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_de9f6146-a209-4f72-b7be-4e912e06e5de&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=iuuSt-dd1FqWX4OJZZG3&gdpr=0
Request Chain 154
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=AvERhqHxeDxU&ev=1&pid=558355
Request Chain 155
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=282789838519766230
Request Chain 157
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5695382660300420470&gdpr=0&gdpr_consent=
Request Chain 160
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e392a2f1-0fab-4fd3-878d-9fce34a36334
Request Chain 161
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVOF68Co8YIAAGXJxOwAAAAA
Request Chain 162
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=gumgum&tc=1
Request Chain 163
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 167
  • https://match.adsrvr.org/track/cmf/openx?oxid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e392a2f1-0fab-4fd3-878d-9fce34a36334&ttd_puid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0&gdpr_consent=
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKW85tHIqvzx8fRzLEX2NGk&google_cver=1
Request Chain 195
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LOYFSBD2-20-CNOC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GsSOBjb6TJunnqKkT1jrYw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 204
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cf5e7725-9bab-4ee2-8268-528967c3c7e0%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e84688e5-4eb0-4717-a45b-9a49b557efa5&ttd_puid=cf5e7725-9bab-4ee2-8268-528967c3c7e0%2C%2C
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUFDNDhFMDYtMzZGQS00QzlCLUE3OUUtQTJBNDRGNThFQjYz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFmrZKvC-rREz1ih4csK8lM&google_cver=1
Request Chain 209
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD
Request Chain 210
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
Request Chain 211
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74ZXQ0ZE2uW1BSICKlDEaV.s_n2hTVk-~A&gdpr=0
Request Chain 215
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LOYFSBD2-20-CNOC HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOYFSBD2-20-CNOC&us_privacy=1---
Request Chain 217
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2wFeEuaIReq6GcChcl3RQA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2wFeEuaIReq6GcChcl3RQA&gdpr=0
Request Chain 218
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9ZRlNCRDItMjAtQ05PQw==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDeClBCiMNE8LGU0ogi6uMk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9ZRlNCRDItMjAtQ05PQw==&google_push=&gdpr=0
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBPwydbWJAEENAoInjGKPKc&google_cver=1
Request Chain 220
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Request Chain 221
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDI4NGUxN2JmM2UwMTZkYWQ5YjMyYzYwODQwNGVhNjgyMzRiY2Y5Yg&gdpr=0&us_privacy=1---
Request Chain 222
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SP41dh9uQQE43eHJ81Idm8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p0xeqoNE2oJH9yeaC05wu2A_boKZ7cYe70khVg--~A
Request Chain 223
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=&expires=30
Request Chain 224
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACGxE7KpwwAABMX00rB8w&expires=30&gdpr=0
Request Chain 225
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Request Chain 226
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1--- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOYFSBD2-20-CNOC HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOYFSBD2-20-CNOC&ckls=true&ci=fjWKL3AxpF&nc=false&trid=1274098949
Request Chain 227
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOYFSBD2-20-CNOC&redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOYFSBD2-20-CNOC&gdpr=0&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NajVxU1oxRTJ1SFguUjNkdzRYY0JqcVZlOVhLTTFMMX5B&gdpr=0&ovsid=LOYFSBD2-20-CNOC&dpid=58160&us_privacy=1---
Request Chain 228
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Request Chain 229
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61646941-44f5-4768-b56c-8ed88233b33f&expires=30&gdpr=0&us_privacy=1---
Request Chain 230
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Request Chain 231
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Request Chain 237
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOYFSBD2-20-CNOC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOYFSBD2-20-CNOC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Request Chain 238
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOYFSBD2-20-CNOC&us_privacy=1---
Request Chain 239
  • https://sync.srv.stackadapt.com/sync?nid=14&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=vx14wWBVUUhNaK1m_OcDKWAJ-So
Request Chain 240
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=82d3fadc-3f46-4031-b82a-a0d78dc36375
Request Chain 241
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&us_privacy=1---
Request Chain 242
  • https://c1.adform.net/serving/cookie/match?party=1164&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5695382660300420470
Request Chain 243
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOYFSBD2-20-CNOC&us_privacy=1---
Request Chain 244
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6041073707268864632&expires=30&us_privacy=1---
Request Chain 245
  • https://ad.turn.com/r/cs?pid=6&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3614904188678941106&expires=60&gdpr=&gdpr_consent=
Request Chain 246
  • https://sync.1rx.io/usersync2/rubicon?us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005%26expires%3D30%26us_privacy%3D1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005&expires=30&us_privacy=1---
Request Chain 247
  • https://id.rlcdn.com/709414.gif?us_privacy=1--- HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 248
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&us_privacy=1--- HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LOYFSBD2-20-CNOC?us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Request Chain 249
  • https://match.deepintent.com/usersync/143?us_privacy=1--- HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_cd3e3df23eea457791e56
Request Chain 250
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1--- HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&us_privacy=1---
Request Chain 251
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&us_privacy=1--- HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOYFSBD2-20-CNOC&us_privacy=1---
Request Chain 252
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1--- HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LOYFSBD2-20-CNOC&us_privacy=1---
Request Chain 267
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 268
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 269
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288127491930335&expires=30&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 271
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=a29c4877c51b0492b13f47c89877282a&gdpr=0&gdpr_consent=
Request Chain 272
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e84688e5-4eb0-4717-a45b-9a49b557efa5&name=THE_TRADE_DESK
Request Chain 273
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 274
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 275
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10C2380A3_3262692F&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 276
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09cc2204000d2ba0d880536c&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 277
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 278
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c1bc6491-9583-4497-9cdb-51e9e9c4fa78&gdpr=0&gdpr_consent=
Request Chain 280
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=7197012432423971139 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=2eb7ec0e-2bbb-523e-894d-83b5ec1e065b&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 281
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=82d3fadc-3f46-4031-b82a-a0d78dc36375&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 283
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 284
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 286
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 289
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDR3hFN0twd3dBQUJNWDAwckI4dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACGxE7KpwwAABMX00rB8w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=282789838519766230&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACGxE7KpwwAABMX00rB8w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D282789838519766230%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=282789838519766230&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACGxE7KpwwAABMX00rB8w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D282789838519766230%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=282789838519766230&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACGxE7KpwwAABMX00rB8w&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACGxE7KpwwAABMX00rB8w&gdpr=0
Request Chain 290
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041073707268864632&gdpr=0&gdpr_consent=
Request Chain 291
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVOF7QADxRszbgBi
Request Chain 292
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cd3e3df23eea457791e56
Request Chain 293
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32f8fcbe-82fb-11ee-b5a7-6398c517eefc HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Request Chain 294
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&vxii_pid=12&vxii_pid1=10067&vxii_rcid=33923aa9-c55c-431e-a1cf-0594103d7aba
Request Chain 299
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2d800118e0bd0fe8&is_secure=true&networkId=17100&version=1&nuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGqPkneKAMYQMeZxTnAAAAAAA&expiration=1700058989&nuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Request Chain 300
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61646941-44f5-4768-b56c-8ed88233b33f&gdpr=0&gdpr_consent=
Request Chain 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8db61b50-8bbe-4753-94ff-68431ae9b4b7-655385ed-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3614904188678941106&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Request Chain 303
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
Request Chain 304
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOYFSBD2-20-CNOC&gdpr=0
Request Chain 305
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6041073707268864632
Request Chain 306
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=8a42d81b36e9915b705a76772136146&gdpr_consent=&gdpr=0
Request Chain 308
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi85DKHpSLXNP78oX7SbGygDwLV8Viay4OA
Request Chain 309
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=282789838519766230
Request Chain 310
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10C2380A3_32A8263A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECWHj2P6ZoWa2QB0FfITWnw&google_cver=1
Request Chain 312
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=AvERhqHxeDxU&ev=1&us_privacy=&pid=562985
Request Chain 313
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=154829677e350fff&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAFrty6Oj4_kQNJXwJcAAAAAAA&expiration=1700058989
Request Chain 314
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-56xffelE2uFkKcy8Pnj5sNeORshxalgrnUSyCnM-~A
Request Chain 315
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
Request Chain 316
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288127491930335&expires=30&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&us_privacy=
Request Chain 319
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACGxE7KpwwAABMX00rB8w&partnerid=127&gdpr=0
Request Chain 320
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=282789838519766230&gdpr=0&gdpr_consent=
Request Chain 321
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjgyNzg5ODM4NTE5NzY2MjMw&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEODsJjiE5cdqHwmo0HJe5Jc&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 322
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041073707268864632&gdpr=0&gdpr_consent=
Request Chain 323
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e84688e5-4eb0-4717-a45b-9a49b557efa5 HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e84688e5-4eb0-4717-a45b-9a49b557efa5
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVOF6-xSY4415Nzh3mEKZgAADU4AAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIATZmHOtkMXDoCOmeEHut0&google_cver=1
Request Chain 326
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVOF6.xSY4415Nzh3mEKZgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
Request Chain 327
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406
Request Chain 328
  • https://cm.ctnsnet.com/int/cm?exc=19&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=0bd8003337fd467d89666fd22c6e50eb&expiration=1702564589
Request Chain 329
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632&us_privacy=1---
Request Chain 331
  • https://um4.eqads.com/um/cs?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=141348c9-bfe6-4d9e-9b67-989f1de95576&expiration=1707921389
Request Chain 335
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 336
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Drkt%26refUrl%3D%26vid%3D99725897683429741896634667000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=rkt&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=1797288127491930335
Request Chain 337
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=son&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=son&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=e3757e4c-5ac4-4d51-a40a-4328e5edd2d5
Request Chain 338
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Dopx%26refUrl%3D%26vid%3D99725897683429741896634667000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=opx&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=577ce8d0-d293-0501-2445-9ee7646bd544
Request Chain 339
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Dr1%26refUrl%3D%26vid%3D99725897683429741896634667000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5407120235 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e84688e5-4eb0-4717-a45b-9a49b557efa5 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Dr1%26refUrl%3D%26vid%3D99725897683429741896634667000V10%26axid_e%3D%26ovsid%3DRX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=r1&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Request Chain 340
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyOTc0MTg5NjYzNDY2NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJK9AD6ePoNQWfTPldaeClc&google_cver=1
Request Chain 341
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Ddxu%26refUrl%3D%26vid%3D99725897683429741896634667000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Ddxu%26refUrl%3D%26vid%3D99725897683429741896634667000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=dxu&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=AGJjbQI31R2UwJ5
Request Chain 342
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 343
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&google_hm=MmIxNTQ2MTMtYTJlYy00ZDcwLWEyZWItOThmYWVlZjdhM2Qz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDsHOhiwLs68PDtmFypg42A&google_cver=1&ssp=medianet&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 344
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=iuuSt-dd1FqWX4OJZZG3
Request Chain 345
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3429741896634667000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3429741896634667000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=ae5bd358-524a-408c-bd78-ca63d1560e62&cs=1
Request Chain 346
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e84688e5-4eb0-4717-a45b-9a49b557efa5
Request Chain 347
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=medianet
Request Chain 352
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&gdpr=0&us_privacy=1---
Request Chain 356
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=LOYFSBD2-20-CNOC HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LOYFSBD2-20-CNOC&us_privacy=1---
Request Chain 358
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=2b154613-a2ec-4d70-a2eb-98faeef7a3d3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=9ad21713ece31f7407ebd8f261287fbb&expires=30&ssp=pubmatic&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 360
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288127491930335
Request Chain 361
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
Request Chain 363
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 364
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AGJjbQI31R2UwJ5&gdpr=0&gdpr_consent=
Request Chain 365
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=822d0342-5cc7-4137-baf6-60ca94b1d679&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Request Chain 366
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5cd9caa4c5e743c39c9c8f2494bb37b8
Request Chain 369
  • https://idsync.rlcdn.com/712188.gif?partner_uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e9ba065451bb604e00a9dee48867763496cd194f548ae901a75e5d072d78caff791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=02004346
Request Chain 370
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/gdpr_consent=
Request Chain 372
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695382660300420470
Request Chain 375
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 377
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=852393758830
Request Chain 378
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
Request Chain 383
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3614904188678941106 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JoYJ5GekZZ2MtHuQ7nKN-Lnku0ASOWphxUpugA
Request Chain 384
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=&ct=y

384 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request android
tjoose-by-santander.softonic.com.br/ 		297 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3e19577d1642bd7dc4c37887d92c5561eca64de177d9bbee84d37e59511b70ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
br
content-language
pt-BR
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:25 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
99
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
3cf6e64f-a5d7-4b3b-8ced-3e5e2a28c5c7
x-served-by
server-5b8df4b9b6-gn2st
x-version
1.6090.0
x-xss-protection
1
loader.js
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=softonic.com.br
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:8800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e1c1ed318f5d319596748cc47bcd0dee2b8790dca9deed9852444226854e2b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:22:48 GMT
content-encoding
gzip
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
x-didomi-remote-config-source
Lambda
via
1.1 e253a912687c0fa80cad9ce4b2103a4a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-P1
age
817
etag
"e3129a35bf9205ed57b1804c41f682aa"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
10979
x-amz-cf-id
WClCO3jozbhzl9wVrYQLavApFKmPdjUKUt9SdNusL4TJNzEqsmtzGw==
gtm.js
www.googletagmanager.com/ 		430 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
239b77a96aecdf55b7953dc5f142d4397f48dd5c7f8e9490a0057110a8a18cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122569
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 14:36:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9f15efa0e265d3b1d84b31763821e78b6614c3eac7c7d3809ba810de0befa38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31511
x-xss-protection
0
server
cafe
etag
491 / 19675 / m202311090101 / config-hash: 4139038881701353164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:36:25 GMT
ads.js
www.google.com/adsense/search/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30db4bd04faf232260ad8349b7a55ccb08474282427146689f3ded47592f0033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"100843330440761948"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Tue, 14 Nov 2023 14:36:25 GMT
sft-prebid.js
softonic.com.br/revamp/ 		345 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com.br/revamp/sft-prebid.js
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3edfbc46685f6b4a7652dd6394237067f0a481d6631b1951a016a00e05058306

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-version
1.1276.0
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
95778
x-cache
MISS, HIT
x-envoy-upstream-service-time
7
x-region
TX
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99535
x-request-id
268f2664-b8ae-4f8b-a21a-353375f3a4dc
x-served-by
cache-ams21030-AMS, cache-bfi-krnt7300089-BFI
x-platform-version
NT 10.0
x-browser-version
119.0.6045.123
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1699972586.628591,VS0,VE0
etag
W/"eed89fba9f566c05e48ed29b22879654"
x-browser-name
Chrome
vary
Accept-Encoding,x-country-code,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
0, 1224
72c3f-6eca9.mjs
sc.sftcdn.net/scripts/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/72c3f-6eca9.mjs
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2bcccea02498d9f7d3e7c25a4a3ff7a53e531e74722ce2925203dd1bcfc0cef2

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Tue, 29 Oct 2024 14:29:29 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1296416
x-cache
HIT, HIT
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13298
x-served-by
cache-ams21075-AMS, cache-yyz4571-YYZ
last-modified
Mon, 30 Oct 2023 14:21:43 GMT
server
istio-envoy
x-timer
S1699972586.518356,VS0,VE0
etag
W/"653fbbf7-b7a6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1844, 17
23986-17e57.mjs
sc.sftcdn.net/scripts/ 		99 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/23986-17e57.mjs
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5b015739fad6215c2bb2a87f50c723282d681988a9f5f7f8362b60de9939fe12

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 08 Nov 2024 11:55:58 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
441627
x-cache
HIT, HIT
x-envoy-upstream-service-time
8
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21807
x-served-by
cache-ams12751-AMS, cache-yyz4571-YYZ
last-modified
Thu, 09 Nov 2023 11:17:57 GMT
server
istio-envoy
x-timer
S1699972586.518337,VS0,VE0
etag
W/"654cbfe5-18aef"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
127, 6
tjoose-by-santander-logo
images.sftcdn.net/images/t_app-icon-s/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/157806511/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/157806511/tjoose-by-santander-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
75e69cf6adf7a697cd6900d8eae011f738a1b1c09bdbf264b8e8c3e220913715
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 07 Jul 2023 09:54:06 GMT
server
Cloudinary
etag
"2806a55184444258411ff096973cacc8"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="157806511.webp"
server-timing
cld-akam;dur=236;cpu=148;start=2023-11-14T14:36:25.632Z;desc=miss,rtt;dur=27,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=43606",cloudinary;dur=61;start=2023-11-14T14:36:25.695Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1132
tjoose-by-santander-screenshot
images.sftcdn.net/images/t_app-cover-s,f_auto/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/980041143/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/980041143/tjoose-by-santander-screenshot
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ece27dff32566f39f488c688f4d10e210db169e7ade7adf50d8413f729af9758
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="980041143.webp"
server-timing
cld-akam;dur=333;cpu=146;start=2023-11-14T14:36:25.626Z;desc=miss,rtt;dur=27,content-info;desc="width=340,height=606,owidth=166,oheight=296,obytes=5414",cloudinary;dur=101;start=2023-11-14T14:36:25.705Z
content-length
11682
last-modified
Sun, 16 Jul 2023 21:26:32 GMT
server
Cloudinary
etag
"c7fd21d5f441a63b438a4372ddbeab12"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sat, 21 Sep 2024 01:52:09 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
4625056
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12698
x-served-by
cache-ams12758-AMS, cache-yyz4571-YYZ
last-modified
Thu, 21 Sep 2023 10:06:40 GMT
server
istio-envoy
x-timer
S1699972586.518362,VS0,VE0
etag
W/"650c15b0-319c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
97, 11
sft-bundle.js
softonic.com.br/revamp/ 		330 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com.br/revamp/sft-bundle.js?modern=1
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0429096e9d4d09f35c22663f0082dc51d46c915425e1a9df0ec6a789ade7eed5

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-version
1.1276.0
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
95780
x-cache
HIT, HIT
x-envoy-upstream-service-time
8
x-region
NY
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74359
x-request-id
f8ff032e-babc-4b56-9566-7d3230953b61
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300097-BFI
x-platform-version
NT 10.0
x-browser-version
119.0.6045.123
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1699972586.629142,VS0,VE0
etag
W/"03c988e9f9c9fe612d3c0a6f1f99f265"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform,x-platform-id
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
2, 3802
e1d66-8959c.css
sc.sftcdn.net/styles/ 		107 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/e1d66-8959c.css
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7e246fd2a4cb8e1634db463b3828532c249d55b60895191a635ff3ef59fe17ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 07 Nov 2024 13:38:01 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
521904
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16912
x-served-by
cache-ams21068-AMS, cache-yyz4524-YYZ
last-modified
Wed, 08 Nov 2023 11:02:43 GMT
server
istio-envoy
x-timer
S1699972586.517877,VS0,VE0
etag
W/"654b6ad3-1ab8c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
76, 28
40150-a5fb0.css
sc.sftcdn.net/styles/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/40150-a5fb0.css
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6fbfd9f15b571ccec952647d4fd91e45b42c67b372b042cb9404d00a8d9fac07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 08 Nov 2024 11:55:58 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
441627
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3079
x-served-by
cache-ams21046-AMS, cache-yyz4524-YYZ
last-modified
Thu, 09 Nov 2023 11:17:56 GMT
server
istio-envoy
x-timer
S1699972586.517493,VS0,VE0
etag
W/"654cbfe4-3377"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
118, 3
tjoose-by-santander-screenshot.png
images.sftcdn.net/images/t_app-cover-s,f_auto/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/980041143/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/980041143/tjoose-by-santander-screenshot.png
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ece27dff32566f39f488c688f4d10e210db169e7ade7adf50d8413f729af9758
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="980041143.webp"
server-timing
cld-akam;dur=238;cpu=70;start=2023-11-14T14:36:25.633Z;desc=miss,rtt;dur=27,content-info;desc="width=340,height=606,owidth=166,oheight=296,obytes=5414",cloudinary;dur=89;start=2023-11-14T14:36:25.673Z
content-length
11682
last-modified
Sun, 16 Jul 2023 21:26:35 GMT
server
Cloudinary
etag
"c7fd21d5f441a63b438a4372ddbeab12"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
fa090-0d026.svg
sc.sftcdn.net/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sun, 27 Oct 2024 07:18:18 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1495087
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2107
x-served-by
cache-ams21030-AMS, cache-yyz4524-YYZ
last-modified
Thu, 26 Oct 2023 14:14:17 GMT
server
istio-envoy
x-timer
S1699972586.560188,VS0,VE0
etag
W/"653a7439-12b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
2815, 3
585ea-68c47.woff2
sc.sftcdn.net/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:59 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
17469147
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16706
x-served-by
cache-ams21069-AMS, cache-yyz4571-YYZ
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1699972586.518399,VS0,VE0
etag
W/"644801fe-4144"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
10366, 10
d1174-0627e.woff2
sc.sftcdn.net/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Origin
https://tjoose-by-santander.softonic.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:04:01 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
17469144
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17553
x-served-by
cache-ams21076-AMS, cache-yyz4571-YYZ
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1699972586.518380,VS0,VE0
etag
W/"644801fe-4490"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
6030, 11
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
71dea-14daa.svg
sc.sftcdn.net/images/ 		945 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/71dea-14daa.svg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:58 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
17469148
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
508
x-served-by
cache-ams21023-AMS, cache-yyz4524-YYZ
last-modified
Tue, 25 Apr 2023 16:38:21 GMT
server
istio-envoy
x-timer
S1699972586.560259,VS0,VE0
etag
W/"644801fd-3b1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
2949, 19
b94b1-d9c76.css
sc.sftcdn.net/styles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/b94b1-d9c76.css
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Tue, 15 Oct 2024 23:41:26 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2472900
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1856
x-served-by
cache-ams12746-AMS, cache-yyz4524-YYZ
last-modified
Mon, 16 Oct 2023 13:23:19 GMT
server
istio-envoy
x-timer
S1699972586.560163,VS0,VE0
etag
W/"652d3947-12d9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
59, 5611
truncated
/ 		945 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.d94cff4b0da87658039c841b0633490b3b2fd65a.js
sdk.privacy-center.org/sdk/d94cff4b0da87658039c841b0633490b3b2fd65a/modern/ 		335 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/d94cff4b0da87658039c841b0633490b3b2fd65a/modern/sdk.d94cff4b0da87658039c841b0633490b3b2fd65a.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=softonic.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24eb:8800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72b234bf0d770182927eabe10f5c05bfb3e5b6fbe9e589628a281bdd14fc56a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:41:22 GMT
content-encoding
gzip
via
1.1 e253a912687c0fa80cad9ce4b2103a4a.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 13:41:13 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P1
age
3304
etag
W/"e696f7c64be41550108abeef2b92b412-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
r3E9aTIGTrK33RI5tAK9uJBf28DRc5TRpo9Dkwqi4YXCUyfCwYJZbg==
ppub_config
securepubads.g.doubleclick.net/pagead/ 		161 B
131 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.softonic.com.br
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-17e57.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da6493e5bb27549a2c3795b770b485609f525aa5b308e5f04a2ac52cd5df9e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
x-xss-protection
0
expires
Tue, 14 Nov 2023 14:36:25 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
046a05c4250f887f16e59595cd67caa6bf011721086e45255eafe1a487f249be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72264
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 14:36:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 12:52:28 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6237
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 14 Nov 2023 14:52:28 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5be651e2053a2ba14f764e87635a65bd269eaaf3bfd2c8c08ad042d8f72f43f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 14:36:25 GMT
activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gc...
8876029.fls.doubleclick.net/ Frame 0B30
Redirect Chain
  • https://8876029.fls.doubleclick.net/activityi;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;...
  • https://8876029.fls.doubleclick.net/activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by...
640 B
539 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8876029.fls.doubleclick.net/activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
cafe /
Resource Hash
5a45ec35ac23a016290f2964ede5f727495f0855f0729f3188b407145c3e9f7f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8876029.fls.doubleclick.net/activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;...
12325200.fls.doubleclick.net/ Frame 58A7
Redirect Chain
  • https://12325200.fls.doubleclick.net/activityi;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb...
  • https://12325200.fls.doubleclick.net/activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1...
597 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12325200.fls.doubleclick.net/activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
cafe /
Resource Hash
0ab6d70568362d41ca559b8990fdf0a2e5dccb939e199866ca99ede2d225649d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
372
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12325200.fls.doubleclick.net/activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		384 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tjoose-by-santander.softonic.com.br&client=softonic&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9fc51a0cb088e97319e0acf0c8384129336d95863d623b2237073f76c3fc408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
chunk6-12fa0e.mjs
sc.sftcdn.net/scripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk6-12fa0e.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-17e57.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
727bd766f9994591dc127b1570f83dd84fe356a3804f584ccc4f1dad4c52bc00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 01 Nov 2024 12:18:44 GMT
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1045062
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3773
x-served-by
cache-ams21082-AMS, cache-yyz4559-YYZ
last-modified
Thu, 02 Nov 2023 12:12:30 GMT
server
istio-envoy
x-timer
S1699972586.768063,VS0,VE0
etag
W/"6543922e-331c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
66, 213
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 07:06:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
26979
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 13 Nov 2024 07:06:46 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/d94cff4b0da87658039c841b0633490b3b2fd65a/modern/sdk.d94cff4b0da87658039c841b0633490b3b2fd65a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
119c4986c68a9febdfeba43085fc1aa7e2bfb3c143195685ef681f25a0f655ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72196
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 14:36:25 GMT
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.181.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-181-27.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:16 GMT
content-encoding
br
via
1.1 2fff6c3c0593c970e3f0b48801cb3db4.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-C2
age
10
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
AZ9b_isfm_Zihkx6i3p6NWB3IxAMbmhgUX575RvW_POVIiPG_vgtsw==
sft-bundle.js
softonic.com.br/revamp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://softonic.com.br/revamp/sft-bundle.js?modern=1
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-version
1.1276.0
date
Tue, 14 Nov 2023 14:36:25 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
95781
x-cache
HIT, HIT
x-envoy-upstream-service-time
6
x-region
TX
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74359
x-request-id
f8ff032e-babc-4b56-9566-7d3230953b61
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300027-BFI
x-platform-version
NT 10.0
x-browser-version
119.0.6045.123
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1699972586.933464,VS0,VE0
etag
W/"03c988e9f9c9fe612d3c0a6f1f99f265"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform,x-platform-id
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
2, 4490
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.23.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-23-84.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:16:51 GMT
content-encoding
gzip
via
1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 e7a41892bebb9d5aa268f6882fbca1fa.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, BOS50-P1
age
1176
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ydDKgwH74wbmesSp-tNFmAZ4elMviG5FS6pfGTVQzfU-5XYmIe1iuQ==
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?o=5633429348548608&domain=en.softonic.com&upapi=true
  • https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32da315e07f85aeae94e9563c70977912547645b445a8b5c1add767954e63b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 13:56:50 GMT
server
cloudflare
age
2196
etag
"1405a4fcdc19caf96f65a83d35d91735"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
825ffc975b754bc6-BUF
content-length
17766

Redirect headers

date
Tue, 14 Nov 2023 14:36:26 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2196
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5633429348548608&domain=softonic.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
825ffc968b6b4bc6-BUF
ads
www.adsensecustomsearchads.com/afs/ Frame F662 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=pt&cpp=5&rpbu=https%3A%2F%2Fwww.softonic.com.br%2Fs%2F%3Frscp%3Ddsk_rscp_pt_pp%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r4&nocache=3771699972585804&num=0&output=afd_ads&domain_name=tjoose-by-santander.softonic.com.br&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1699972585805&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=5388&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
9836d6ac2e15977d74da230eec15344d87903c825a6364b029cdc3915fd25198
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-01P350UGKRwTH1cfTQCz2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
554
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-01P350UGKRwTH1cfTQCz2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 14 Nov 2023 14:36:26 GMT
expires
Tue, 14 Nov 2023 14:36:26 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
play-cine-0ok-logo
images.sftcdn.net/images/t_app-icon-s/p/ce021c28-6bba-49fc-89c1-eb51b7eadd1b/1719996276/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/ce021c28-6bba-49fc-89c1-eb51b7eadd1b/1719996276/play-cine-0ok-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
40951b05c07e842e09c54e28714d00bef0bc9a2edff2f32fc4ea710df819f4f8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 11:31:59 GMT
server
Cloudinary
etag
"c58fc48db5e7d506eedd4a7371aa8bb9"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1719996276.webp"
server-timing
cld-akam;dur=7;start=2023-11-14T14:36:25.981Z;desc=hit,rtt;dur=28,content-info;desc="width=112,height=112,owidth=720,oheight=720,obytes=229126"
accept-ranges
bytes
timing-allow-origin
*
content-length
1578
pobreflix-full-hd-movies-logo
images.sftcdn.net/images/t_app-icon-s/p/bcf52ff7-2ed3-4ba4-8d9a-f4ce763c6738/2137512136/ 		508 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/bcf52ff7-2ed3-4ba4-8d9a-f4ce763c6738/2137512136/pobreflix-full-hd-movies-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f1bac7f6375703c2d5ec4acd3150dc9664121a100b70de1d97336597873551c1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:15 GMT
server
Cloudinary
etag
"910d81b316398d6a5d1528ff71a2b23c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2137512136.webp"
server-timing
cld-akam;dur=14;start=2023-11-14T14:36:25.981Z;desc=hit,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=11034"
accept-ranges
bytes
timing-allow-origin
*
content-length
508
hyper-filmes-e-series-7ci-logo
images.sftcdn.net/images/t_app-icon-s/p/1610699b-d5d4-42f7-bdd4-b361af320735/573557625/ 		700 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/1610699b-d5d4-42f7-bdd4-b361af320735/573557625/hyper-filmes-e-series-7ci-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
42f312d5df0850c52e11834412050dda2f4618076fcd386c2b99936209d0497b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:16:42 GMT
server
Cloudinary
etag
"902bfe7a7435733b948d0fe741279d90"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="573557625.webp"
server-timing
cld-akam;dur=73;start=2023-11-14T14:36:25.977Z;desc=hit,rtt;dur=28,content-info;desc="width=112,height=112,owidth=720,oheight=720,obytes=220697"
accept-ranges
bytes
timing-allow-origin
*
content-length
700
cine-vision-v4-logo
images.sftcdn.net/images/t_app-icon-s/p/4f44d270-c245-44ce-b6cd-32ec38e79229/288293048/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4f44d270-c245-44ce-b6cd-32ec38e79229/288293048/cine-vision-v4-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1b590a7197e26e8e6e406a81b6ff35d90f1b1392fdf567823110f5b859b244ee
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:55:51 GMT
server
Cloudinary
etag
"84c0b5b4f1d74c0879bfaecc37a26e44"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="288293048.webp"
server-timing
cld-akam;dur=8;start=2023-11-14T14:36:25.964Z;desc=hit,rtt;dur=28,content-info;desc="width=112,height=112,owidth=720,oheight=720,obytes=369323"
accept-ranges
bytes
timing-allow-origin
*
content-length
1612
tyflex-brasil-8cq-logo
images.sftcdn.net/images/t_app-icon-s/p/801070ee-d664-4ade-88c8-a5f7033ebd89/2211837588/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/801070ee-d664-4ade-88c8-a5f7033ebd89/2211837588/tyflex-brasil-8cq-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
fc665ab3b4a1f15099038b1fce905508beb0e8ab5515793a5a314c596ada40d8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 14:45:54 GMT
server
Cloudinary
etag
"33d1cb638c4ec33bac881aa3ee1f3d91"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2211837588.webp"
server-timing
cld-akam;dur=54;start=2023-11-14T14:36:25.961Z;desc=hit-near,rtt;dur=28,content-info;desc="width=112,height=112,owidth=720,oheight=720,obytes=162722"
accept-ranges
bytes
timing-allow-origin
*
content-length
1290
lie-detector-test-prank-evr-logo
images.sftcdn.net/images/t_app-icon-s/p/8cb66f23-4041-4907-8a7f-4a33b9bf5ea7/3898542368/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/8cb66f23-4041-4907-8a7f-4a33b9bf5ea7/3898542368/lie-detector-test-prank-evr-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
7ed31a5c041115c571d51c8045c775e62b6a49d5a1d077b73c936b136987f75a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 15:03:25 GMT
server
Cloudinary
etag
"c47eb36c46725341542f1d50c5f61382"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="3898542368.webp"
server-timing
cld-akam;dur=107;cpu=50;start=2023-11-14T14:36:25.961Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=720,oheight=720,obytes=401404",cloudinary;dur=32;start=2023-11-14T14:36:26.000Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2036
sinhala-stickers-wastickerapps-for-whatsapp-logo
images.sftcdn.net/images/t_app-icon-s/p/f1cb91b7-4d0e-4d14-90a7-4d349e2a96cc/1640083247/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/f1cb91b7-4d0e-4d14-90a7-4d349e2a96cc/1640083247/sinhala-stickers-wastickerapps-for-whatsapp-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a20346abd6a3d921126e370fd651d17df742c597a6071a6bc02b664311100a22
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 10:57:15 GMT
server
Cloudinary
etag
"0d14581ff68487aaa1a42ca4b381e3d8"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1640083247.webp"
server-timing
cld-akam;dur=174;cpu=54;start=2023-11-14T14:36:25.961Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=720,oheight=720,obytes=1123561",cloudinary;dur=72;start=2023-11-14T14:36:26.011Z
accept-ranges
bytes
timing-allow-origin
*
content-length
5902
tjoose-logo
images.sftcdn.net/images/t_app-icon-s/p/fbf7ff0b-9257-474f-a0dd-805e45d63d4d/1992010203/ 		804 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/fbf7ff0b-9257-474f-a0dd-805e45d63d4d/1992010203/tjoose-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e9589f19a5ba6221c286b7e0f85e7aec703a59391457a76ac64784470fc40e29
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 01:56:40 GMT
server
Cloudinary
etag
"642025d7c61b8de5bf69636be7874046"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1992010203.webp"
server-timing
cld-akam;dur=256;cpu=56;start=2023-11-14T14:36:25.968Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=30286",cloudinary;dur=175;start=2023-11-14T14:36:26.021Z
accept-ranges
bytes
timing-allow-origin
*
content-length
804
wooden-house-design-cfq-logo
images.sftcdn.net/images/t_app-icon-s/p/23fe5736-01d1-4132-a42d-ab81057d403e/2824824983/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/23fe5736-01d1-4132-a42d-ab81057d403e/2824824983/wooden-house-design-cfq-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d9f645e67d6c732565b0b0b88fa6e5b55ca65191ca1d3533f41dff25e0f9b34e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 02:02:31 GMT
server
Cloudinary
etag
"1b3154e9d9b8876bbd873a59013d8044"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2824824983.webp"
server-timing
cld-akam;dur=249;cpu=58;start=2023-11-14T14:36:25.961Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=421102",cloudinary;dur=163;start=2023-11-14T14:36:26.003Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4260
tds-tv-logo
images.sftcdn.net/images/t_app-icon-s/p/f8583718-465f-4c66-9c99-ac17d7ca9125/1463175416/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/f8583718-465f-4c66-9c99-ac17d7ca9125/1463175416/tds-tv-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
b10d7810157d2c66c506d22f3452e8ebfdf88946684f048568f68de6684e15cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 01:53:02 GMT
server
Cloudinary
etag
"ed25f739c5bb0201f2c288c719b9eb9e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1463175416.webp"
server-timing
cld-akam;dur=159;cpu=44;start=2023-11-14T14:36:25.961Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=47150",cloudinary;dur=92;start=2023-11-14T14:36:26.007Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1296
gem-joy-logo
images.sftcdn.net/images/t_app-icon-s/p/da487f42-46e5-4126-ba2f-2a4feae89d0c/862138105/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/da487f42-46e5-4126-ba2f-2a4feae89d0c/862138105/gem-joy-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
01e63f4daa8075e8ee7533216e9039ad1aba872251ff6b8ca0d6f7aa31484862
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 06:13:10 GMT
server
Cloudinary
etag
"65df66346348354a8433b9b2a135f060"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="862138105.webp"
server-timing
cld-akam;dur=231;cpu=114;start=2023-11-14T14:36:25.989Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=46052",cloudinary;dur=91;start=2023-11-14T14:36:26.078Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1310
parkour-maps-for-minecraft-pe-u7i-logo
images.sftcdn.net/images/t_app-icon-s/p/a0877442-3641-40ae-ac9f-cd3bde64d4bd/2119253319/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/a0877442-3641-40ae-ac9f-cd3bde64d4bd/2119253319/parkour-maps-for-minecraft-pe-u7i-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1c53dda67016a83a63697272a609e9ffddbf2c0dc2f67234f6619d954f1d78ee
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sat, 17 Jun 2023 06:29:54 GMT
server
Cloudinary
etag
"7b39d2b45de39b0f82625adb53fa2815"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2119253319.webp"
server-timing
cld-akam;dur=247;cpu=146;start=2023-11-14T14:36:25.989Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=253904",cloudinary;dur=74;start=2023-11-14T14:36:26.136Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2530
truck-horn-h1o-logo
images.sftcdn.net/images/t_app-icon-s/p/4eba9110-a475-49c2-8627-8bee09fbde63/2928244828/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/4eba9110-a475-49c2-8627-8bee09fbde63/2928244828/truck-horn-h1o-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
3ba72a79f8fa7909b695e25ab0fd636f496ebd6acfdc80919c88b571d3c23b43
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 06:23:33 GMT
server
Cloudinary
etag
"88d2624104ef01e3653104463bb381a3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2928244828.webp"
server-timing
cld-akam;dur=205;cpu=90;start=2023-11-14T14:36:25.989Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=55733",cloudinary;dur=84;start=2023-11-14T14:36:26.072Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2896
memy-atakuyut-logo
images.sftcdn.net/images/t_app-icon-s/p/2a566ae8-b2c9-4ff8-a78a-2c54b02ca246/2509100934/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/2a566ae8-b2c9-4ff8-a78a-2c54b02ca246/2509100934/memy-atakuyut-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4ca3a346b66b1767b7782331e19e549015193a182d52cbebb09470b06f44ee43
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 06:54:24 GMT
server
Cloudinary
etag
"3fc5be0fd3fbbb0547d0d2a1e42a33fb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="2509100934.webp"
server-timing
cld-akam;dur=318;cpu=144;start=2023-11-14T14:36:25.999Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=73302",cloudinary;dur=148;start=2023-11-14T14:36:26.101Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3572
namma-water-your-water-tanke-logo
images.sftcdn.net/images/t_app-icon-s/p/168bfc9f-6244-4fbf-b898-7b0c60ba49bf/392892374/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/168bfc9f-6244-4fbf-b898-7b0c60ba49bf/392892374/namma-water-your-water-tanke-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
034a557c4063abff5a04c474a6b2c5d8f6eb5557ab011ec443e2c946180253b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sat, 22 Jul 2023 06:48:23 GMT
server
Cloudinary
etag
"354d57643bb93ee7f2d7b7406e905296"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="392892374.webp"
server-timing
cld-akam;dur=265;cpu=151;start=2023-11-14T14:36:25.999Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=52268",cloudinary;dur=83;start=2023-11-14T14:36:26.062Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1908
contacts-hacker-prank-your-friends-logo
images.sftcdn.net/images/t_app-icon-s/p/1d77f417-14aa-44c7-8fe6-cc4a6dfd8cde/124260944/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/1d77f417-14aa-44c7-8fe6-cc4a6dfd8cde/124260944/contacts-hacker-prank-your-friends-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d006048561ac8b95a6f79cc150cb04c8f5b0ecb7db84299c5cd42775d5fc6a20
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 17 Feb 2023 02:27:48 GMT
server
Cloudinary
etag
"255212dc923d3ac7100f34deb5d55824"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="124260944.webp"
server-timing
cld-akam;dur=225;cpu=60;start=2023-11-14T14:36:25.990Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=25826",cloudinary;dur=74;start=2023-11-14T14:36:26.030Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1072
sad-shayari-sad-shayari-hind-logo
images.sftcdn.net/images/t_app-icon-s/p/a1a9b50f-2b10-4462-9c5c-401500dfe096/1475032566/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/a1a9b50f-2b10-4462-9c5c-401500dfe096/1475032566/sad-shayari-sad-shayari-hind-logo
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e108dd2a173e163eb49c2f620107f38e021d92e670f23c6ed226aeb29abfef09
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 18 Jun 2023 11:50:22 GMT
server
Cloudinary
etag
"8843c954c2ab9274c71fb1ac1712a54c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="1475032566.webp"
server-timing
cld-akam;dur=232;cpu=120;start=2023-11-14T14:36:25.989Z;desc=miss,rtt;dur=28,content-info;desc="width=112,height=112,owidth=512,oheight=512,obytes=129210",cloudinary;dur=83;start=2023-11-14T14:36:26.037Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4460
Sideloading-1.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/Sideloading-1.jpg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:19::17c8:580c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4c19dcd9f53f03c17141f98823934c46a9432aa7b218ec772dd0a22724891daa
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Sideloading-1.webp"
server-timing
cld-akam;dur=6;start=2023-11-14T14:36:26.088Z;desc=hit,rtt;dur=27,content-info;desc="width=768,height=432,bytes=31310,owidth=1200,oheight=675,obytes=97561"
content-length
31310
x-request-id
930b41ddf54d78c47484f5f4ffe7f186
last-modified
Tue, 14 Nov 2023 13:12:39 GMT
server
Cloudinary
etag
"31ec9d1c04e67aef9d006af6086ccb6f"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
Juicio-Google-1.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/Juicio-Google-1.jpg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:19::17c8:580c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6535b5d71e2c0af62fbafe2558bac3b11ca13471da1a6a9a27bd2144ee3c6fd9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Nov 2023 12:46:06 GMT
server
Cloudinary
etag
"7d7880cdebbd3c65a21d683ab96981ba"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="Juicio-Google-1.webp"
server-timing
cld-akam;dur=6;start=2023-11-14T14:36:26.088Z;desc=hit,rtt;dur=27,content-info;desc="width=768,height=432,bytes=36974,owidth=1200,oheight=675,obytes=121975"
accept-ranges
bytes
timing-allow-origin
*
content-length
36974
serie-terminator-netflix-1.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/serie-terminator-netflix-1.jpg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:19::17c8:580c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
7e01c9991f2412425d9b0c2def715b19ff34a4a6f1371568e3131d0a0d0f4992
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Nov 2023 12:59:56 GMT
server
Cloudinary
etag
"0dc7b0c4cd437ffb2145d0162c9683e0"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="serie-terminator-netflix-1.webp"
server-timing
cld-akam;dur=5;start=2023-11-14T14:36:26.089Z;desc=hit,rtt;dur=27,content-info;desc="width=768,height=432,bytes=30858,owidth=1200,oheight=675,obytes=106258"
accept-ranges
bytes
timing-allow-origin
*
content-length
30858
the-marvels-uwu-1.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/the-marvels-uwu-1.jpg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:19::17c8:580c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f7e4cfab299bcd15cad2ab2e6728a4f2da0bcc9ec11263c0965c5992f8e45d9c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Nov 2023 13:29:32 GMT
server
Cloudinary
etag
"2c61e722b2310eac0be86e39b4187a9d"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="the-marvels-uwu-1.webp"
server-timing
cld-akam;dur=5;start=2023-11-14T14:36:26.090Z;desc=hit,rtt;dur=27,content-info;desc="width=768,height=432,bytes=13226,owidth=1200,oheight=675,obytes=47985"
accept-ranges
bytes
timing-allow-origin
*
content-length
13226
Entragas-del-Cybertruck-2023-1.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/Entragas-del-Cybertruck-2023-1.jpg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:19::17c8:580c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5034c73d02021c531e7987c171d786d73f1a9a8276d61141cdcdc7879ef21f8a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 15:24:25 GMT
server
Cloudinary
etag
"e732a9ecbbead6d4b52fccea11d3f771"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="Entragas-del-Cybertruck-2023-1.webp"
server-timing
cld-akam;dur=6;start=2023-11-14T14:36:26.088Z;desc=hit,rtt;dur=27,content-info;desc="width=768,height=432,bytes=20882,owidth=1200,oheight=675,obytes=91758"
accept-ranges
bytes
timing-allow-origin
*
content-length
20882
iPad-1.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/7/2023/11/iPad-1.jpg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:19::17c8:580c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
e3f1ccbc9149f6ce4cf24550e43535461c89090cb7eec31c0bdb04c241c2635e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2023 15:08:48 GMT
server
Cloudinary
etag
"8c0e784b89a0ada6887cfba09fab71b9"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
content-disposition
inline; filename="iPad-1.webp"
server-timing
cld-akam;dur=6;start=2023-11-14T14:36:26.088Z;desc=hit,rtt;dur=27,content-info;desc="width=768,height=432,bytes=14150,owidth=1200,oheight=675,obytes=54174"
accept-ranges
bytes
timing-allow-origin
*
content-length
14150
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1699972585959&cv=11&fst=1699972585959&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma=0&tcfd=10000&u_w=1600&u_h=1200&url=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&hn=www.googleadservices.com&frm=0&tiba=tjoose%20by%20Santander%20para%20Android%20-%20Download&us_privacy=1---&auid=1842802859.1699972586&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f7687059311ddad229a15ce7fd969ea348d8d0461e971b44176460b133d9f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je3b81v877889940z86335967&_p=1699972585462&_gaz=1&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1199800881.1699972586&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699972585&sct=1&seg=0&dl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&dt=tjoose%20by%20Santander%20para%20Android%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type=program_page&ep.site_language=pt&ep.google_click_id=&ep.test_variant=&ep.pv=undefined&tfd=851
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
267 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=1199800881.1699972586&gtm=45je3b81v877889940z86335967&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
chunk0-121b11.mjs
sc.sftcdn.net/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk0-121b11.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-17e57.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
947b2326227ef746a20cc00a8faa2d7484be02651a1e31a7db15079665eef79e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 24 Oct 2024 01:58:57 GMT
date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1773449
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7821
x-served-by
cache-ams12776-AMS, cache-yyz4559-YYZ
last-modified
Wed, 27 Sep 2023 15:04:46 GMT
server
istio-envoy
x-timer
S1699972586.043848,VS0,VE0
etag
W/"6514448e-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
39, 206
chunk1-dec64b.mjs
sc.sftcdn.net/scripts/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk1-dec64b.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-17e57.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
dceef15adeed016003cf3eaf36a4dc080f829ab0d13adf679ea9c04a83eb72a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Thu, 07 Nov 2024 15:27:26 GMT
date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
515339
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5848
x-served-by
cache-ams21069-AMS, cache-yyz4559-YYZ
last-modified
Tue, 07 Nov 2023 16:52:17 GMT
server
istio-envoy
x-timer
S1699972586.044174,VS0,VE0
etag
W/"654a6b41-504b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
64, 1708
chunk7-68acbc.mjs
sc.sftcdn.net/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk7-68acbc.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-17e57.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
1a0161c0348e9c0e6143dca8dac6a3b580187ee5c89a135b13a9250fd82fbc5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Tue, 29 Oct 2024 14:29:35 GMT
date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1296410
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2921
x-served-by
cache-ams21024-AMS, cache-yyz4559-YYZ
last-modified
Mon, 30 Oct 2023 14:21:43 GMT
server
istio-envoy
x-timer
S1699972586.044165,VS0,VE0
etag
W/"653fbbf7-27dd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
88, 14
prebid
id5-sync.com/api/config/ 		135 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
best-recommended-apps
tjoose-by-santander.softonic.com.br/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tjoose-by-santander.softonic.com.br/best-recommended-apps?appId=11b12502-f860-4aa9-bab7-934cbb4a98aa&categoryId=lifestyle&pageId=app&developerSlug=tjoosecom-gmbh&platformId=android&locale=pt-BR&programName=tjoose+by+Santander&browserName=chrome&browserVersion=119.0.6045.123&countryCode=US&deviceType=desktop&isEU=false&isCalifornia=false&region=TX&userPlatformId=windows&userPlatformVersion=10.0&placementId=download-intent&position=99
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
fc9c8493ddd5019d476ce812f879f14c10cd28a2a6f8391a381455d9e9354e4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/android
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-version
4.361.0
date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-server-by
cpi-api
via
1.1 google
x-winner-campaign-logic
rpm
x-user-platform
windows
x-winner-campaign-id
norton-secure-browser
x-resource-id
@cpi-api/bestRecommendedApps
x-envoy-upstream-service-time
26
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
405e815d-0272-4a8b-be6b-d6ba4a1c3db0
server
istio-envoy
x-publisher-id
softonic
vary
Origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache,no-store,max-age=0,must-revalidate
x-publisher-projection-version
2839
x-suitable-campaigns-count
4
x-country-code
US
x-page-id
bestRecommendedApps
esp.js
cdn.id5-sync.com/api/1.0/ 		147 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
3MWT2RBATMZPJV8T
age
2239
etag
W/"c129d5681852fdb4346e144820aba0c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
825ffc97cac94bc9-BUF
x-amz-id-2
wa0YrEjDVd9fG1Mu/DTh7bYFOr5FRB0YNsDpw/UbQvccIZifp0D2mW3gUrJs5lxzlhAkBzcEBEY=
ads
securepubads.g.doubleclick.net/gampad/ 		775 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2616644331350309&correlator=906212115048294&eid=31079522%2C31079668%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-pt%2CApps%2CProgrampage%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699972586104&lmt=1699972586&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1199800881.1699972586&ga_sid=1699972586&ga_hid=1006056221&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRj1tIzyvDFIAFICCGQ.&dlt=1699972585434&idt=577&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-wallpaper%26hvi%3Dfalse%26type%3Doop_display_wallpaper&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26region%3DA%26country%3DUS%26reviewvecna%3Dtrue%26locale%3Dpt-BR%26author%3DTjoose.com%2520GmbH%26compliant%3D1%26ab_medium%3Dundefined%26hosted%3Dfalse%26platformId%3Dandroid%26devel%3D0%26recat%3Dlifestyle%26content%3Drich%26file%3D11b12502-f860-4aa9-bab7-934cbb4a98aa%26ad_session_id%3D10b62325-a73b-44d8-8abf-cc1dc2f937dc%26pv%3D1%26ab_upr%3D3%26segments%3D%26personalized%3D1&adks=968654847&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
413260592943e213ded265a5101b24183a3f545ad847af4b32b68bdd117891f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:26 GMT
expires
Wed, 13 Nov 2024 14:36:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
adservice.google.com/ddm/fls/i/ Frame E722 		194 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Requested by
Host: 12325200.fls.doubleclick.net
URL: https://12325200.fls.doubleclick.net/activityi;dc_pre=CK6i8LDbw4IDFXDNKAUdDhQBSw;src=12325200;type=invmedia;cat=softo003;ord=6730553314080;auiddc=1842802859.1699972586;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12325200.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:26 GMT
expires
Tue, 14 Nov 2023 14:36:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1...
adservice.google.com/ddm/fls/i/ Frame A79A 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Requested by
Host: 8876029.fls.doubleclick.net
URL: https://8876029.fls.doubleclick.net/activityi;dc_pre=CPOT8LDbw4IDFSkoigMdtNcFnQ;src=8876029;type=invmedia;cat=progr0;ord=3355964548643;auiddc=1842802859.1699972586;u2=%2Fprogram_page;u3=tjoose%20by%20Santander;gtm=45He3b81v6335967;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8876029.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:26 GMT
expires
Tue, 14 Nov 2023 14:36:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
prebid
prebid.media.net/rtb/ 		18 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQ9KO7A
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9f5277de7c2235367b581e14a15b6ceca430cdcbccadecb2f52c8bf0d5a9a80d

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:25 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 14:36:26 GMT
/
shb.richaudience.com/hb/ 		7 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		7 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		7 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.19.0
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
0416717013a7e911bf0dead98aa3c1062d686c9fc21a3f2b6c8625fdea5139e5

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 14 Nov 2023 14:36:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://tjoose-by-santander.softonic.com.br
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pb
ad.360yield.com/ 		0
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.65.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-65-162.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:26 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
891 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&PageUrl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&PageReferrer=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&CanonicalUrl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.212.158 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-212-158.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
3878d5426a1e7aa26057a84fbc854e1c63c6671a78739dacbb9d522150dc5b10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
131
content-length
358
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb
brightcombid.marphezis.com/ 		0
247 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:25 GMT
cache-control
no-store
access-control-allow-credentials
true
vary
Origin
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
an-x-request-uuid
f852aacf-e07b-46a4-8f6c-ae24cf82e5d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=805152
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e9593a95c81170f43608d42ed25f23c3b958f91406f30e3908a07a7267ff83

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nELOBVM2hENWJaLikV%2BvOdTJnwLc2GFVQwM3vD%2Fj0hRFu%2BtqZ2wFA7O1A6AiKIYKjGJJNeslP48qvVQNjVjycZRAEymMJefjroqZzJWJLWYkTeAb%2Fs6JCHgubxxfcxra3B4Ek2Lk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ffc980eca39f5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.js
www.adsensecustomsearchads.com/adsense/search/ Frame F662 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adsensecustomsearchads.com/adsense/search/ads.js?pac=0
Requested by
Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=pt&cpp=5&rpbu=https%3A%2F%2Fwww.softonic.com.br%2Fs%2F%3Frscp%3Ddsk_rscp_pt_pp%26platformId%3Dandroid&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383&format=r4&nocache=3771699972585804&num=0&output=afd_ads&domain_name=tjoose-by-santander.softonic.com.br&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1699972585805&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=5388&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
793f95e0d1a441215cf5747dfca075efdc4bfcba0a7409c8256b46f94365719a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"10033132389044881536"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Tue, 14 Nov 2023 14:36:26 GMT
collect
www.google-analytics.com/j/ 		3 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1006056221&t=pageview&_s=1&dl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&ul=en-us&de=UTF-8&dt=tjoose%20by%20Santander%20para%20Android%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCACAAI~&jid=1830655541&gjid=1513425026&cid=1199800881.1699972586&tid=UA-20035800-1&_gid=1708589806.1699972586&_slc=1&gtm=45He3b81n715LWWHPv6335967&cd1=%2Fprogram_page&cd2=1&cd3=android&cd4=lifestyle&cd6=no&cd7=no&cd10=yes&cd11=yes&cd12=US&cd14=free&cd15=2023-07-07&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd17=1&cd18=no&cd19=9.2&cd21=11b12502-f860-4aa9-bab7-934cbb4a98aa&cd52=%2Fprogram_page&cd72=&cd79=tjoose%20by%20Santander&cd82=redirectionDownload&cd85=2023-10-17&cd94=3555b5d0-4fce-46d7-89fd-e5458f1358ba&cd97=&cd110=c9&cd112=dexter&gcd=11l1l1l1l1&dma=0&z=119510786
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20035800-1&cid=1199800881.1699972586&jid=1830655541&gjid=1513425026&_gid=1708589806.1699972586&_u=YCDAgEABAAQCAGAAI~&z=1411521221
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Nov 2023 14:36:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/631321069/ 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1699972585959&cv=11&fst=1699970400000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&frm=0&tiba=tjoose%20by%20Santander%20para%20Android%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNPS6vEJ96oHYat0CudWCNyqo2ZWecKA&random=554084453&rmt_tld=0&ipr=y
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3177
config.aps.amazon-adsystem.com/configs/ 		505 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3177
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.168.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-168-67.bos50.r.cloudfront.net
Software
CloudFront /
Resource Hash
3b20eac36676f9f9c129d76d455fe0cdf699988d57dca52a3e21fcc239018ae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:06:14 GMT
via
1.1 17f578cfce4072abcd49cd73817a85e4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BOS50-P3
age
1812
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
vs3Y6N7UEjtl3aaTVHxx_U0ej5E72xg-4DON4K9XUWMG4jINsR8EMg==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Ftjoose-by-santander.softonic.com.br
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.23.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-23-84.bos50.r.cloudfront.net
Software
Server /
Resource Hash
1c996febe2406193a8f4f29f33e6368f1ac678773895375fa183cfa2fabe6195

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:25 GMT
via
1.1 e7a41892bebb9d5aa268f6882fbca1fa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-P1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1246
x-amz-cf-id
NYT3ZSGpivBb8WLX0xlbzdTtHVbfgNNKFr-8ehnTVxDYlnsw5VPCOQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		159 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&pid=PtXoZqkeSGUBx&cb=0&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22top-mpu-1__ad%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-pt%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22top-leaderboard-1__ad%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%2C%22500x90%22%2C%22468x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-pt%2FApps%2FProgrampage%2FATF_Leaderboard_First%22%7D%2C%7B%22sd%22%3A%22td-top-mpu-bf__ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x180%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-pt%2FApps%2FProgrampage%2FATF_MPU%22%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.31.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-31-77.bos50.r.cloudfront.net
Software
Server /
Resource Hash
6cb6aab814bb4585646220e471f0a9345bb859e9acced6fc4736b782167e0a9f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2c162ce08367d0379d62c009d560b4a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BOS50-P2
x-amz-rid
XCZ0BWWVVD9CN2Z77YFY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
159
x-amz-cf-id
YodxxD0jEMLIhn8XWxLTiPOKMds0YlABt3t1cROCKwVKFV-XkHTETw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.23.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-23-84.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 266398c48167bf812d01820529b531e0.cloudfront.net (CloudFront)
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
tr0AECpdoLumgNmqrTWbFeoKF71gSQ3Ghod2Q8F_Nm6Pr0prdzv7UA==
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Nov 2023 14:36:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1413062
x-guploader-uploadid
ABPtcPpje2AfizKsp1me3-lZVa1y14vAQHcF6s963Bq1iMFM_OhEsG-82k0-VDY4yeKLjVO3S4emtP4jHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQQdPH582SVi6Tgx5likdd8ept2%2BVsH6himRNhA%2BAggn3RmMgMh9OySOzoKqgR2w%2B1UtDYveGjI1qlqE%2Fic43oiw3Kv8Rz3QSAWZ2aR8GV87MfvG1tH39REfOMzPUKqCKZumQyE4QNUT9Kj1vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
825ffc992a696aee-BUF
expires
Sun, 29 Oct 2023 06:42:33 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Nov 2023 06:52:47 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.13284595423897172
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1413062
x-guploader-uploadid
ABPtcPpje2AfizKsp1me3-lZVa1y14vAQHcF6s963Bq1iMFM_OhEsG-82k0-VDY4yeKLjVO3S4emtP4jHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn2NWvWotvgOtDdTJIFe4pH8THPc7o1WNEk8mNHrI%2BTVJvIG%2BAURY8ikK8sknIuPNvko82vhPY0vieWIvSjkhLjIU0N3VDBERrA%2FYlR4hK5NgLAB3R0lxHpN%2BwlLtZqbIlfzBK5O6JIJj4tzug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
825ffc992a6a6aee-BUF
expires
Sun, 29 Oct 2023 06:42:33 GMT
chunk18-f6d5ff.mjs
sc.sftcdn.net/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk18-f6d5ff.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-17e57.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0070aef6f01ceef01dd68aff81c20df0e7fbbf64bb6a51071532526f1f0f2636

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Tue, 29 Oct 2024 14:29:32 GMT
date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1296414
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
851
x-served-by
cache-ams12768-AMS, cache-yyz4559-YYZ
last-modified
Mon, 30 Oct 2023 14:21:43 GMT
server
istio-envoy
x-timer
S1699972586.349660,VS0,VE0
etag
W/"653fbbf7-692"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
63, 213
corporate-logo-nb.svg
storage.googleapis.com/storage-proxy-assets/revamp-di-sft/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::201b Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:30:24 GMT
age
362
x-guploader-uploadid
ABPtcPolZow850NwxBZtVLYBP6-MrpwFib01cSbAauolMtij0abjIwZKxgUbhs-ojFHAuf3OZvkL1RsJ8A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6593
last-modified
Wed, 01 Mar 2023 13:19:57 GMT
server
UploadServer
etag
"8a5ec86f9e44863fd94329cebaecb4d1"
x-goog-generation
1677676797280447
x-goog-hash
crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6593
accept-ranges
bytes
expires
Tue, 14 Nov 2023 15:30:24 GMT
Norton-Secure-Browser-EN-1
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/norton-secure-browser/en-US/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/softonic/norton-secure-browser/en-US/Norton-Secure-Browser-EN-1
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:488::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2fa690c80cd253d0dfb652c7ae2c66dc7af9f2184e59f1c3f2337ce981879d77
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Norton-Secure-Browser-EN-1.webp"
server-timing
cld-akam;dur=6;start=2023-11-14T14:36:26.369Z;desc=hit,rtt;dur=27,content-info;desc="width=1460,height=860,owidth=1460,oheight=860,obytes=68718"
content-length
39972
last-modified
Mon, 21 Aug 2023 07:04:08 GMT
server
Cloudinary
etag
"66aa46a3e6a30f8fe487f75779822491"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:07 GMT
server
cloudflare
age
453573
etag
W/"6540128b-2675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
825ffc996a493a06-YYZ
expires
Fri, 17 Nov 2023 14:36:26 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		146 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
48PYG2Q8N88036Y6
age
2471
etag
W/"6fff3300e0f1877d9a9539bf74fe5483"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
825ffc98dad44bc9-BUF
x-amz-id-2
JNAK4GieKAK44L705QO0DpgDQCYQow53q4fqpQ/nApaNJv7Zus8Pf8ccRqszbmgkzDjQlNEOUfESbibFJfd+mA==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20035800-1&cid=1199800881.1699972586&jid=1830655541&_u=YCDAgEABAAQCAGAAI~&z=591896666
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
c862608be54079ca26fc5c4c53c43165c7680a67e0eef36405c306195da5aac3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=UChEqf3OW&w=5299385968099328&o=5633429348548608&cv=2.1.22-2-g062b835&r=false&vr=1600x1200&pageURL=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&sid=6kCOeuXp&c=false&pm=true&upapi=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Nov 2023 14:36:26 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.2.0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.2.0&us_privacy=1---&b=1&g=CqvMHJoQUj36%2BfQz4I9ti5hubzY0N3f2UjQfwqGnz0k%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.2.0&us_privacy=1---&b=1&g=CqvMHJoQUj36%2BfQz4I9ti5hubzY0N3f2UjQfwqGnz0k%3D
Protocol
H2
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 14 Nov 2023 14:36:26 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
location
https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.2.0&us_privacy=1---&b=1&g=CqvMHJoQUj36%2BfQz4I9ti5hubzY0N3f2UjQfwqGnz0k%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8019ed3077c04437742837e3b06627ae4cf751aaab2cfda96678eb7676704829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12407
x-xss-protection
0
rtg.gif
notix.io/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notix.io/rtg.gif?px=970b339c-fab1-444c-b6ac-fdb4f930cd12
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 14:36:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		222 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2616644331350309&correlator=3249923040395593&eid=31079522%2C31079668%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-pt%2CApps%2CProgrampage%2CATF_MPU_First%2CATF_Notificationbar%2CATF_Leaderboard_First%2CATF_MPU&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8&prev_iu_szs=300x600%7C300x250%7C300x180%7C300x150%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600%2C320x50%2C1x1%7C970x250%7C970x90%7C960x90%7C950x90%7C728x90%7C500x90%7C468x90%7C468x60%2C300x250%7C300x180%7C250x250%7C200x200%7C180x150&fluid=0%2Cheight%2C0%2C0&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db7497a86903235e6%3AT%3D1699972586%3ART%3D1699972586%3AS%3DALNI_MYl1_jrkCYcg60TpJmrL0rNY9-1JQ&gpic=UID%3D00000a003716d372%3AT%3D1699972586%3ART%3D1699972586%3AS%3DALNI_MY88XXt6bf_YTEOofylBktUVHS3aA&abxe=1&dt=1699972586738&lmt=1699972586&adxs=1116%2C0%2C477%2C153&adys=470%2C0%2C258%2C133&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&vis=1&psz=300x0%7C1600x0%7C970x0%7C300x0&msz=300x0%7C1600x0%7C970x0%7C300x0&fws=512%2C4%2C4%2C512&ohw=0%2C1600%2C970%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1199800881.1699972586&ga_sid=1699972586&ga_hid=1006056221&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiQuIzyvDFIAFICCGo.&dlt=1699972585434&idt=577&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-mpu-1%26hvi%3Dfalse%26type%3Dtop_display_mpu%26afcSlotId%3D1217021608%26amznbid%3D2%26amznp%3D2%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dnative-notificationbar%26hvi%3Dfalse%26type%3Dnative_notificationbar%26devicePlatformId%3Dwindows%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-leaderboard-1%26hvi%3Dfalse%26type%3Dtop_display_leaderboard%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.46%26hb_adid%3D34ab88b88f6d1cb%26hb_bidder%3Dmedianet%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtd-top-mpu-bf%26hvi%3Dfalse%26type%3Dtop_display_mpu%26amznbid%3D2%26amznp%3D2&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26region%3DA%26country%3DUS%26reviewvecna%3Dtrue%26locale%3Dpt-BR%26author%3DTjoose.com%2520GmbH%26compliant%3D1%26ab_medium%3Dundefined%26hosted%3Dfalse%26platformId%3Dandroid%26devel%3D0%26recat%3Dlifestyle%26content%3Drich%26file%3D11b12502-f860-4aa9-bab7-934cbb4a98aa%26ad_session_id%3D10b62325-a73b-44d8-8abf-cc1dc2f937dc%26pv%3D1%26ab_upr%3D3%26segments%3D%26personalized%3D1&adks=4226504758%2C3804165121%2C1886130427%2C3555970332&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7242670019dd184928226c4c3344d241bc5f3637c74678ce2ec5e8a6caf52f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36867
x-xss-protection
0
google-lineitem-id
6394220594,6390586268,6389242249,6392528629
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449286096,138448279736,138448073387,138452936427
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame B60E
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
329 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e98b2bc28e90e0618719d099de8ea22a6ce9207d2fef27944762ba9af9d0d92a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
329
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 14 Nov 2023 14:36:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
E4HPWNE274D66EZB25KF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 14:36:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MJPTGRJNRDB2EDRGNGNY
691.json
id5-sync.com/g/v2/ 		636 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7b77edc231eac7d0acf71e748cb2a3a0b2de0029ff7b35ca9265ce23364b9996
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 309C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
383156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 04:10:30 GMT
expires
Sat, 09 Nov 2024 04:10:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4A98 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
674126927fc062ff50e3570cad0bbc72e2339d1d9c8d01b2c0bf69ae19c93337
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qN8LNPL7kbXMDxf80Ktt2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qN8LNPL7kbXMDxf80Ktt2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:26 GMT
expires
Tue, 14 Nov 2023 14:36:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 309C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
200890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Nov 2024 06:48:17 GMT
pr
s.amazon-adsystem.com/v3/ Frame F361 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4f1565e97106fd06ee8f2901f0fb95ca1e0fcd29b48211fbc0f3e07cbaf24214
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2624
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 14 Nov 2023 14:36:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KZZPTP8ZXPXSPAJRGZ29
sodar
pagead2.googlesyndication.com/pagead/ Frame 4A98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2616644331350309&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame F361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame F361
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1699972587154
  • https://ad.turn.com/r/cs?pid=45&rndcb=1836398369
  • https://sync.1rx.io/usersync/turn/3686961782716869042?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Date
Tue, 14 Nov 2023 14:36:27 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX1ae1f1fb4d1a4dd1ae55a26ecf5f9b7d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
amzns2s
rtb.gumgum.com/usync/ Frame AFA1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.229.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-229-49.compute-1.amazonaws.com
Software
nginx /
Resource Hash
91f41aa20e1cad87814f281a628c2c35781bf15b06e562b4827fd647d2bf1bc7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 14 Nov 2023 14:36:27 GMT
etag
W/"0e90ed00eb79e9b4045b8601efacbe633"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
2 KB
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a354c3fe4fb6a7ac3f42c77578e1c4739c900b37a6868bb7b8eb420868c6a2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
825ffc9d3f0a39f5-YYZ
content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oa%2BKeJJtNA7YISoMC60AnEDNG5aSFcVS%2Bp85UFLjSLw1%2BZYjEZQnHg71w5I6dVMUk1ZoMxPoVZEl625uL4egUtPTWhqtUvT7a%2F9BTmX%2F0hnKcp3wWF2MK1qX6v4D8GiLXryPd%2BSTAB01Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
825ffc9ceea439f5-YYZ
content-length
0
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiWNvz5rm66adU9IDBPhI1FRBdGSKd4WUJJI1OaszPLn5uQMRStKjdt%2Fu56OQJQAcFQSJfVv7odBTrz0eDPnow61m022RvOdvcOmDagogxS55jB0HEIYKDnFmKYHvxrqpkYJ6c3Du%2B8k2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F4E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.219 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-219.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36179
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
Wed, 15 Nov 2023 00:39:26 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9D08 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 14:36:27 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame D13F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
700 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1083d4fdfd27206b20f4a7d55701f1317cfed551cfec6afb92b236e3ddbf5f20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
405
content-type
text/html
date
Tue, 14 Nov 2023 14:36:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 14 Nov 2023 14:36:27 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame B31E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=282789838519766230&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=282789838519766230&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0DPVBQR8DR2NZW0RDQYM

Redirect headers

content-length
0
date
Tue, 14 Nov 2023 14:36:26 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=282789838519766230&gdpr=0&gdpr_consent=
amazon
ce.lijit.com/beacon/ Frame B38E
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
aa4f3bcc348ada237ef33045f90bd8a45b8303a51da574425d00e203a393716c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
503
Content-Type
text/html
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
ecm3
s.amazon-adsystem.com/ Frame 3DF9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1374257891300936435884
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1374257891300936435884
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NFCHNPCZ86TZGP20T96Q

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 14 Nov 2023 14:36:27 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1374257891300936435884
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generate_204
tpc.googlesyndication.com/ Frame 309C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XSUvhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVOF6.xSY4415Nzh3mEKZgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
43 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wavjI2LqtWrHYWVr9YccWJRS3A7oHQ%2BDpNXEM1xt6%2FjBSyAbkn75VUGVKkTc%2BO7b%2Fe554e06hSa9GDxEjIzLjTO5yuk7qpk8kcq2WXUjnbmrFaPhw3HtI3N6nhEWbcpnvzZue6ASeLlPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffc9edd64711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3A31 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVOF6-xSY4415Nzh3mEKZgAADU4AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4M1JVK4ZSM5P3B0KKEJJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e392a2f1-0fab-4fd3-878d-9fce34a36334&expiration=1702564587&gdpr=0&gdpr_consent=
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e392a2f1-0fab-4fd3-878d-9fce34a36334&expiration=1702564587&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLYRumu53XS%2F5R9dfQ9efUzXhI2pODDYpYIYeGp8sg2vm38ocpv%2BSE9BsGP%2BtOL%2FC%2BUHSSvq2iKaEc3bO0CFNStM6LkdcETwb%2FiwIx35dx0f6JlPyxP5CWoS1erAtLLnLb3uboPa6A5TSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffc9eed67711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e392a2f1-0fab-4fd3-878d-9fce34a36334&expiration=1702564587&gdpr=0&gdpr_consent=
date
Tue, 14 Nov 2023 14:36:27 GMT
server
Kestrel
content-length
323
sync
pippio.com/api/ Frame 3A31
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b7f51c9672c3499cbee4f0d01342a45d
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=b7f51c96-72c3-499c-bee4-f0d01342a45d
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=889247f7-77b3-4323-ba8a-92f2d95729b4%3A1699972587.4885225&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D889247f7-77b3-4323...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288127491930335&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D889247...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=889247f7-77b3-4323-ba8a-92f2d95729b4%3A1699972587.4885225&pid=500040&it=1&iv=889247f7-77b3-4323-ba8a-92f2d95729b4%3A1699972587.4885225&_=169...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1699972587.4930732&iv=889247f7-77b3-4323-ba8a-92f2d95729b4:1699972587.4885225
42 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1699972587.4930732&iv=889247f7-77b3-4323-ba8a-92f2d95729b4:1699972587.4885225
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:28 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1699972587.4930732&iv=889247f7-77b3-4323-ba8a-92f2d95729b4:1699972587.4885225
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
crum
dsum-sec.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAbXTUJbxcTaOMAybUIGJDJsWYJxa69mSfeheMeTKnYYQkt64AQVM8tiKt1O6czfqVdu3f%2Bbqveqjv0cFlbP5sBo6vJbVgvI6pBv2gpU3aVosIWWQ3%2BWvREEMIvDNk%2BNSIo9xGJt494LpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffc9e2c4e711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
an-x-request-uuid
e8f05a94-c959-4c07-a108-2b5ab986988b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c496bd7ed1322kl7500loyfsb8h
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c496bd7ed1322kl7500loyfsb8h
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4%2FILpThiWFjqcu1lkwT%2FhCBgM1hBdyxHHqjhdx9dbglFOxka0w2QqAgom2vStDhh5rwE2LcRhjghwCWtPMVZsGzNlMaR%2F7WS5uk9%2F6BLRUd8FJVzFnuCG1UK%2FTHU04H5APL3v%2Bc1sQVug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffc9e6cbd711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=4df39c496bd7ed1322kl7500loyfsb8h
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662077745369803
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662077745369803
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gS8CQZZrmLlVPVhpabth15Emwda6ni%2Bxf9VKmeadI1soqfb1mSpycLpzekRpYKYQfHwlFiib74jQJi5EI%2B16YXCwRwU5mL46VJii6rqk3b6DYQLgpzFXXQqUA7mkGWE%2B%2BXMPlaVa7NISFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffc9fae77711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1427
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662077745369803
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
825ffc9efaee4bc3-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 3A31
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6041073707268864632
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6041073707268864632
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5Jrb0g6xuyFfnhcKsx5OpwqLKXoBAxiOcWHd%2B6PMWzl6ImBa5GTkNLXdHeW0d43UfVCCgcCJmow5bnLTO0XP95O6V2%2F1wyY8ojnRqukkOLSURJnoNArXHhsk3COkBryaQEZkkdo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffc9e387f39f5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
an-x-request-uuid
100f6403-4854-4aa4-8ac9-863d0499b353
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6041073707268864632
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3A31 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZVOF6-xSY4415Nzh3mEKZgAADU4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TM4RFCAD9TK1SZXND1X3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9D08 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 20:06:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19736
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 20:05:23 GMT
ecm3
s.amazon-adsystem.com/ Frame B38E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=Hp8MjBZHv-8fLS2NQhSP8FDg&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RMTHQHJW0BS7Y3B1G7XZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame B38E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LOYFSBAJ-1-46X5&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOYFSBAJ-1-46X5&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOYFSBAJ-1-46X5&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
merge
ce.lijit.com/ Frame B38E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=jbWWcYzkm0UW&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=jbWWcYzkm0UW&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=jbWWcYzkm0UW&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-js597
expires
-1
merge
ce.lijit.com/ Frame B38E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1699972587194
  • https://ad.turn.com/r/cs?pid=45&rndcb=4114144722
  • https://sync.1rx.io/usersync/turn/3614904188678941106?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=97&3pid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Date
Tue, 14 Nov 2023 14:36:27 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX1ae1f1fb4d1a4dd1ae55a26ecf5f9b7d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pixel
cm.g.doubleclick.net/ Frame B38E
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHA4TWpCWkh2LThmTFMyTlFoU1A4RkRn&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHA4TWpCWkh2LThmTFMyTlFoU1A4RkRn&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
H2
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 14 Nov 2023 14:36:27 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SHA4TWpCWkh2LThmTFMyTlFoU1A4RkRn&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame B38E
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
date
Tue, 14 Nov 2023 14:36:27 GMT
server
Kestrel
content-length
223
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6041073707268864632
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6041073707268864632
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
an-x-request-uuid
d07ad84d-debb-4e82-9444-78bbc258002a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=6041073707268864632
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_de9f6146-a209-4f72-b7be-4e912e06e5de&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_de9f6146-a209-4f72-b7be-4e912e06e5de&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=2b154613-a2ec-4d70-a2eb-98faeef7a3d3
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=&ssp=gumgum2&bsw=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=NWM4ZTk1NjhiNzM5NjE5OA&gdpr=0&gdpr_consent=&us_privacy=&ssp=gumgum2&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3
  • https://usersync.gumgum.com/usersync?b=bsw&i=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=686d253f-5186-07b7-2071-f0641ed446de
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=686d253f-5186-07b7-2071-f0641ed446de
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=686d253f-5186-07b7-2071-f0641ed446de
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42
Date
Tue, 14 Nov 2023 14:36:27 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3z9Wb4ZE2peGZGGbomyLKVwMUiPfRMN2u5ao~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3z9Wb4ZE2peGZGGbomyLKVwMUiPfRMN2u5ao~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3z9Wb4ZE2peGZGGbomyLKVwMUiPfRMN2u5ao~A
content-length
0
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=61646941-44f5-4768-b56c-8ed88233b33f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=61646941-44f5-4768-b56c-8ed88233b33f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=61646941-44f5-4768-b56c-8ed88233b33f
Date
Tue, 14 Nov 2023 14:36:27 GMT
Connection
keep-alive
X-CI-RTID
4222e62b-416a-48c4-a9cd-3e5d7ad68394
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame AFA1 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 14 Nov 2023 14:36:26 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_de9f6146-a209-4f72-b7be-4e912e06e5de&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_de9f6146-a209-4f72-b7be-4e912e06e5de&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=iuuSt-dd1FqWX4OJZZG3&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=iuuSt-dd1FqWX4OJZZG3&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=iuuSt-dd1FqWX4OJZZG3&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=AvERhqHxeDxU&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=AvERhqHxeDxU&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=AvERhqHxeDxU&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-5fn7g
expires
-1
usersync
usersync.gumgum.com/ Frame AFA1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=282789838519766230
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=282789838519766230
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=282789838519766230
date
Tue, 14 Nov 2023 14:36:26 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame AFA1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_de9f6146-a209-4f72-b7be-4e912e06e5de
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8CDY3KBBS1PZ5B87X1DK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 67E0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5695382660300420470&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5695382660300420470&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.229.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-229-49.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5695382660300420470&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame C57D 		170 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9kZTlmNjE0Ni1hMjA5LTRmNzItYjdiZS00ZTkxMmUwNmU1ZGU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5D62 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.219 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-219.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36179
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 14 Nov 2023 14:36:27 GMT
expires
Wed, 15 Nov 2023 00:39:26 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame A5C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e392a2f1-0fab-4fd3-878d-9fce34a36334
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=e392a2f1-0fab-4fd3-878d-9fce34a36334
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 14 Nov 2023 14:36:27 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=e392a2f1-0fab-4fd3-878d-9fce34a36334
server
Kestrel
usersync
usersync.gumgum.com/ Frame A3DB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVOF68Co8YIAAGXJxOwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVOF68Co8YIAAGXJxOwAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 14:36:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVOF68Co8YIAAGXJxOwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad73.dc4p.scaleout.jp
X-SO-IP
96.9.249.42
X-SO-Key
ZVOF68Co8YIAAGXJxOwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.42","key":"ZVOF68Co8YIAAGXJxOwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad73"}
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad73
usersync
usersync.gumgum.com/ Frame 9F47
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 14 Nov 2023 14:36:27 GMT Tue, 14 Nov 2023 14:36:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 14:36:27 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 14 Nov 2023 14:36:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame D13F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=c786fd32-6539-841b-8704-621ebeb78c78&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S09R9Q267YKX0SFWYC4M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0b97e70b-e93f-ada8-76dd-f67c29d38ad1
pr-bh.ybp.yahoo.com/sync/openx/ Frame D13F 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/0b97e70b-e93f-ada8-76dd-f67c29d38ad1?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:a344:818b:7db4:692b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame D13F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=c786fd32-6539-841b-8704-621ebeb78c78
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QQPWJKE4JHZN6CK5AVJ4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D13F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e392a2f1-0fab-4fd3-878d-9fce34a36334&ttd_puid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e392a2f1-0fab-4fd3-878d-9fce34a36334&ttd_puid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e392a2f1-0fab-4fd3-878d-9fce34a36334&ttd_puid=9f50814f-7993-3fe1-470a-e089d6844798&gdpr=0&gdpr_consent=
date
Tue, 14 Nov 2023 14:36:27 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame D13F 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMzZjUyODUtYjBlNC02MTQ1LTUyZWEtYmEzMDFjNjY4OWY4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D13F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKW85tHIqvzx8fRzLEX2NGk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKW85tHIqvzx8fRzLEX2NGk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKW85tHIqvzx8fRzLEX2NGk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 9D08 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1df09169f58a071f2a391dff1b3307b
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F4E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70358729&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f5a1a648021e5b69e5d3c55f867f9be61f8c99c91fe29fa8fda68a15ce8674f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 14 Nov 2023 14:36:27 GMT
content-length
1766
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame CCAF 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 20:06:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19736
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 20:05:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveQZ1VAAcYv0NEiBQn6Yp-suTOcfAI7vWlSKEAl4fpkO9hezY0g-xUjz5SbZzGZYStHr3Jv8TbqZ1gwcVMfp3Ikwwv2H5sWponhbZBbCdz8bMcxrBxOT-Co-6lWmdl8YXjh50M8v8pk3aNz3BAL__SwnpDsI2gdShMyUWoCOQE8AsT3tzUTBp8b4Jb4j7RvVMZ32rf5YLl6YGDoo7B0rAVOHUk6iv98zvt1Pbi__rWh29frpqHYnbnfekimHUrelG5bJ2LyFwcov6zd1o1XYsRkzgHxoGgnmHpvkByi2-48fp1J8ISlEHdYXVjjrcId_SRG2s4x5hOGxJcmurCA3X1ygRzogiHE4FxwKgcYEWDvDiJY7wHW9JkJbjibxUlCwpGKl01TDpusBBJsbP4KIZQKJ7y3lzmin40d8jW04wtWyGJlMP20CdOdma625ftMdpY&sai=AMfl-YTtiNCMj7gMlZklWOunHP6tM4Kb5XKb32hzhuOp-h5Y-LuYNoHdP8AzE6eDYWaIQiv6wpSW8Tmms_yG1xkWd505JesCwaxQ9R8hfmXMtAlwJXeX1QfTCMPEkI7Bi54&sig=Cg0ArKJSzBylxxLi7OaJEAE&uach_m=[UACH]&adurl=
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame FD4A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:24:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 02:24:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FD4A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:27:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
43755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 02:27:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD4A 		192 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:36:27 GMT
4458307077342190409
tpc.googlesyndication.com/simgad/ Frame FD4A 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4458307077342190409
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0148f8f91e2ef35d38ba66c9e01f3deeab27bfedcddc77cd782908c401ac9ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 04:04:05 GMT
x-content-type-options
nosniff
age
297142
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63909
x-xss-protection
0
last-modified
Thu, 28 Sep 2023 10:50:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Nov 2024 04:04:05 GMT
l
www.google.com/ads/measurement/ Frame FD4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRVKxJT5fI62kGsNrjhuhvWvMkU2MqHKiN39yJxr_MOSu3cidkcs3a1aIKn5AkwcGBQdaR1Cnwof2QQ7qIHH5OY0jpKg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
container.html
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5701 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:26 GMT
expires
Wed, 13 Nov 2024 14:36:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwSuk1SrKUyrcEEelJXKTTDNQ5tS-9nWDwg0FiaqtAWrCQRPZHQ0snhiR1MXevjusiX9Nhg-sgwhA6gqMdWepzD0LAlMRdyfAkfONEQ5A4ceDCcQLBwhekCNsLhWOH-PiU2v8nNVa6VWtCLXbyvtiWKygFAsLA7a4iutS1tah9tTXTxx9kLXi448kG05cmBbf7VdQJGHQ7iaurfcNaFntL-0eDLSmmGGrpMxPTb3v76DGOj8OzZ0e0KIjTUTTC7XONIGl7Phw9dnXmzl57uq6U9yMNYtAufG6FMaKAgHDQgfDtLxMGL7BnH9gqnbXRh6JgkdS6NNbdx2OfO02E0PwjGkEhU25nNObZI3S_BjHSleDpXK-aoSfFHgQ6CqDs_0c8M6ZNH9ITYllGi_mY2e_0GZzRGxleG4MfKUZ2eHyj4iPQm4x-oJeX1bwr2TrW6IC6HP_fuG8NoDM&sai=AMfl-YQ_4vyXGfVaumcsMjTZmV6NZu5s73l15yJqhoOeQsxZDYbRFdnVF0CJwSL-CEQlOfK7XfcfWvn-vjOBHhzhWsOlvwDS_ydGTUwrI1S8-NgtMxdrsseB632p3cyMlds&sig=Cg0ArKJSzDL7UwgWMweMEAE&uach_m=[UACH]&adurl=
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E23E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:24:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 02:24:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E23E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:27:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
43755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 02:27:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E23E 		192 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:36:27 GMT
8789882658702729045
tpc.googlesyndication.com/simgad/ Frame E23E 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8789882658702729045
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a141761051f2f24406aa51662d2e2bc078e4050d2697819eafc6899d1972611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 21:50:16 GMT
x-content-type-options
nosniff
age
60371
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49030
x-xss-protection
0
last-modified
Thu, 28 Sep 2023 10:50:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Nov 2024 21:50:16 GMT
l
www.google.com/ads/measurement/ Frame E23E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS77QxtWWfA2JuGWJ76hqhHxPqqioYwkxoBHIHgqLIsGQMQZ5rzK2pFFuFn2cF9td5nF-DwsqF3NtMphtphLbotIRKZ3w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame AF70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLp6pTYW0taGKXRB0x-BKlCROB3Pf6EjcoYuPcQRyhPqcS_QAkHa-dkkKd8wS7Vn93-qxvF6CbKChP9_sopqUg1g1JKz81py7ibL63zqbetM1O7lGyt2v1feaAdHHn3jke6jP8R4yMRKkKEkWs0wLKQNqsoI6-1z9iVKxV8sv1rCTrRaV4ly82kf95VrvFveIAMKn4OYF2yh8yc165fK0FWg8euDqKjMFyekdOhdjhfUkWQoYOXmbn5zHxOLST9WXMzRntRVGoOjNwGG2eVYIV5DyIetXRckvCh8t-3zXlpoHQPVNbyazyaCDOvQjxCzDm6bE8XzWPDRA26GLS2Jwz4a2R3uIHzWEdxuyIoOm40lhf_k3nLKEdRxLHqOW56JOuOtIz98TFVrUxouKa_PkZirCkM3Yj4oV7AmRftDQQp_eeXt5lHIFa3Q&sai=AMfl-YRRtkcVGk_tn3778-42jLyC0W25nqZ5SUDXb0ZYS9ot7Fj1OftSflapMR_kbFNHO3o7pIBT4hrxR3_rnskTXdEqE-HWdFp9Y6v7GI5BXsQ94b-9oDed0_0xkZFeXs0&sig=Cg0ArKJSzJ-HgDS8EcrjEAE&uach_m=[UACH]&adurl=
Requested by
Host: tjoose-by-santander.softonic.com.br
URL: https://tjoose-by-santander.softonic.com.br/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame AF70 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:24:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
43889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 02:24:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AF70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:27:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
43755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 02:27:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF70 		192 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:36:27 GMT
5982918287493759456
tpc.googlesyndication.com/simgad/ Frame AF70 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5982918287493759456
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80bb73a90ab868182222fd3d4bc856e4d09c90e2db8bb64114df261006b6478c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:12:13 GMT
x-content-type-options
nosniff
age
383054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101008
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 14:26:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 04:12:13 GMT
l
www.google.com/ads/measurement/ Frame AF70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3E3X9S-Ur9ovNyO2thq8uos9hwcEkpH0rlkr-fBRBrLZ9fj9GWefYNwLv_5nKXKBcOshjZJwFh8J7wH9ovIG7IR_wAQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
truncated
/ Frame FD4A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba878e7d2be16e9ed37d51e1bfaad2bc8ce7c939175c8b8576e3433cf550bbf7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E23E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16203690fe9fed36f4a66bfb6c25b8a21f3770f7da59f169b581b0ed6215c7c3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AF70 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21de929c857298edc2134954baf9214565858a35f4c8fda32885931e475d01ae

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 9D08
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
  • https://s.amazon-adsystem.com/ecm3?id=LOYFSBD2-20-CNOC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LOYFSBD2-20-CNOC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J7Q17AWR42RBN6Z7YDGW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LOYFSBD2-20-CNOC&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
9ba83a2fefc5d3c424bd9f4a424826d63db2db84612ac70f4cc8ff19f67267b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5701 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
URL: https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 02:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
303128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Nov 2024 02:24:19 GMT
css
fonts.googleapis.com/ Frame 5701 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Requested by
Host: bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
URL: https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:21:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 14:36:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5701 		192 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
URL: https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61843
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:36:27 GMT
khaos.json
token.rubiconproject.com/ Frame CCAF 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LOYFSBD2-20-CNOC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
dcm
s.amazon-adsystem.com/ Frame E130 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TAJ2661DXR58GPZCJ27X
ecm3
s.amazon-adsystem.com/ Frame FADC 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
643KE33080H4TF28NQ8G
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GsSOBjb6TJunnqKkT1jrYw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.220.188.219 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-219.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=36179
accept-ranges
bytes
content-length
5606
expires
Wed, 15 Nov 2023 00:39:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4F4E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cf5e7725-9bab-4ee2-8268-528967c3c7e0%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e84688e5-4eb0-4717-a45b-9a49b557efa5&ttd_puid=cf5e7725-9bab-4ee2-8268-528967c3c7e0%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e84688e5-4eb0-4717-a45b-9a49b557efa5&ttd_puid=cf5e7725-9bab-4ee2-8268-528967c3c7e0%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e84688e5-4eb0-4717-a45b-9a49b557efa5&ttd_puid=cf5e7725-9bab-4ee2-8268-528967c3c7e0%2C%2C
date
Tue, 14 Nov 2023 14:36:27 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 4F4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%201AC48E06-36FA-4C9B-A79E-A2A44F58EB63&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 4F4E 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 4F4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUFDNDhFMDYtMzZGQS00QzlCLUE3OUUtQTJBNDRGNThFQjYz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4F4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFmrZKvC-rREz1ih4csK8lM&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFmrZKvC-rREz1ih4csK8lM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFmrZKvC-rREz1ih4csK8lM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4F4E
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD
42 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 13 Nov 2023 14:36:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4F4E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
date
Tue, 14 Nov 2023 14:36:27 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 4F4E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74ZXQ0ZE2uW1BSICKlDEaV.s_n2hTVk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74ZXQ0ZE2uW1BSICKlDEaV.s_n2hTVk-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-74ZXQ0ZE2uW1BSICKlDEaV.s_n2hTVk-~A&gdpr=0
date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
securepubads.g.doubleclick.net/pcs/ Frame FD4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi0sguCAB9K_DPoDiSZdiEpTE2gCa_glmycbT39qEK3bVF5mGwIdHogeITCzcsNnnl6uS6cPtfvB3-ANh3OIkB5uornyxOu_ezt1JrZgC20NPnbz4oKRcyqG-SCJX4UYFhSVV6G2-axWJi8O4sDODymHm73t1pZ33nmNlNDkX6puJlj9Tk8VULx3vpGGLWIFb_Q6jCJob33KoYc5jDhJW9U5dPoEQuCkDjSZchjRZVAsesye4ANLrFR-kOBCcSSUMCkwCry-jELaw0_jKh4ENdvt_yaZt1zM0SOyU76DF9odroL5wa0oIzmTAXhyiZy9l-DXb4PfVa1zF29eQuwv6rV7KaSgKT-cdGcYV7UZEpw9GzhR6iOzL9o7zW1pqnC7coDimhfNIW9ObRv31UDw8LmpmGx7DPnviVTo1uklMHyTGTQs24&sai=AMfl-YQtM2MJmNhDlEbcIBNcx2PRhusdNenFgbFCYlIZwgLqI8ypEAjN8u_INqA3ZbnlR8ohv3sAgZ_iRHxRICaPaIoYnmBnh66hhwL-727DQOQTewz6Y3ay3PXy1NDd0Hs&sig=Cg0ArKJSzNiDcmo3PbtzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 14:36:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E23E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt8URPEaP4jtRbz1z2pZMN62Bl7sjogpfEux87ifg9ckjVVUuy6vIirOG4n1QOYC5CA7TocRVfMGB22xKZOGpkAnuHsc66g0vi-4MM7fnlcXLJnURSMXC9angkkwwItrXQfoCTS9qJMhwHt5509q966v-ux9kooKfkTO4Z9aXvfVfcXULO3C9APd8-_q9s1Uk4npul0kQa0UV-dW0SEP341wEzOsPosHHcHs979lwNjjTy0RjroySWHzUE-EantaPQzyR_gobFZJi_8WtcRFamYayl22TWj4hJfuiFFwJjuIU9xEziSz8shxZrOj2S07buuOQarQLL1rwg23hCGf1Z_7pBVVtxrDmwyWAj58c9fQj441Hb2bzDXZKTYuMme9Zi81m1wDfBo8pa4IWQ0FLjDUKl4UkTzkf29XCTQ3Hj0no4ZYBkHAAcTQZ84CA&sai=AMfl-YTWrAcswqnBHLBgdkIy0ru0LK10o_TdE0B4qQkXTs7IWEukfU8uF9h_KL9t2U9JKlHpAX74dpzUn_fX3eqp2ToAxIYp6awE-M9rH6S6o69f3rkT2VmwQCxHEezbaWo&sig=Cg0ArKJSzOFeO2G_JvyqEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 14:36:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AF70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFtKJq-hZGVUzOQMeWql768tOaenqiYaUSfvPiKhl8-HI6mWSJRCOlXT-PEVue5f8f9yDqsE45rKHyi-HSaHRQ2_khfu_dueBBzKitxQS4g1cz0XsKVtJ0fn8UwlTaFCufHGdcApp4ctZmcuVYdarEw2uPi_PIX0Ue5iZHNnEHEHzmFhl5INy_x67ODnYtpXr4-RPqV2pzwDYACmdTkE7ZB5XWh3dXz4R5cyig_LCmLJTp6yY6fi-DP0U8Zx7hwTLBPNW7hossTgQQsUTVR2yuPssUKCdFQPRkw9-MNwLkoPrzMkvkWgSjb3Jb7SmNvQ_CEJ5VJB5epsu_A8Vo33Qvq8rUuJL0oH9fjlIaiZd3CKFaUy8aJJih0c-P_t5Q1HBLJSxI-c8xXXTDLfm_f3kBsPpSPbK-TkqkAyKbyQ&sai=AMfl-YRTnlcnVvilICzqa29y6UalWbsivEbXjxDFSHmaP-yrdWjEY0c5ySixnDi3Ybqry2KY6OB0gEI_ORI13AzDgIsABmQ6DAEJjz_MDp4TWdtqf032q6d_yv8Ch85LAg0&sig=Cg0ArKJSzN7_JhN7TaatEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 14:36:27 GMT
usersync
usersync.gumgum.com/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
  • https://usersync.gumgum.com/usersync?b=mag&i=LOYFSBD2-20-CNOC&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOYFSBD2-20-CNOC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOYFSBD2-20-CNOC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9D08 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y9KANF9MHBKT0FZMJTK6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 9D08
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2wFeEuaIReq6GcChcl3RQA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2wFeEuaIReq6GcChcl3RQA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2wFeEuaIReq6GcChcl3RQA&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K4YVCNDCV6DR9S5VVNWZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2wFeEuaIReq6GcChcl3RQA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9D08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9ZRlNCRDItMjAtQ05PQw==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDeClBCiMNE8LGU0ogi6uMk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9ZRlNCRDItMjAtQ05PQw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9ZRlNCRDItMjAtQ05PQw==&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9ZRlNCRDItMjAtQ05PQw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 9D08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBPwydbWJAEENAoInjGKPKc&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBPwydbWJAEENAoInjGKPKc&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBPwydbWJAEENAoInjGKPKc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 9D08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
0
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 189F9A6CE4364AA7B1431E35D0FEA6A7 Ref B: EWR311000104031 Ref C: 2023-11-14T14:36:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKHbY5r4XaydZ4Gao3UQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9D08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDI4NGUxN2JmM2UwMTZkYWQ5YjMyYzYwODQwNGVhNjgyMzRiY2Y5Yg&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDI4NGUxN2JmM2UwMTZkYWQ5YjMyYzYwODQwNGVhNjgyMzRiY2Y5Yg&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDI4NGUxN2JmM2UwMTZkYWQ5YjMyYzYwODQwNGVhNjgyMzRiY2Y5Yg&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9D08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SP41dh9uQQE43eHJ81Idm8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p0xeqoNE2oJH9yeaC05wu2A_boKZ7cYe70khVg--~A
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p0xeqoNE2oJH9yeaC05wu2A_boKZ7cYe70khVg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-p0xeqoNE2oJH9yeaC05wu2A_boKZ7cYe70khVg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 9D08
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=&expires=30
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=&expires=30
date
Tue, 14 Nov 2023 14:36:27 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 9D08
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACGxE7KpwwAABMX00rB8w&expires=30&gdpr=0
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACGxE7KpwwAABMX00rB8w&expires=30&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACGxE7KpwwAABMX00rB8w&expires=30&gdpr=0
Date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
receive
pixel.tapad.com/idsync/ex/ Frame 9D08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 9D08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOYFSBD2-20-CNOC
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOYFSBD2-20-CNOC&ckls=true&ci=fjWKL3AxpF&nc=false&trid=1274098949
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOYFSBD2-20-CNOC&ckls=true&ci=fjWKL3AxpF&nc=false&trid=1274098949
Protocol
H2
Server
18.239.168.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-168-37.bos50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
via
1.1 0232563f5d1fd895045d5c31a6edd12a.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
BOS50-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
AsRTEiuh0CAK6Ki7xUySUiPDjiWBsKJJMfylT03IuVQQUiAcdm0Vhg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LOYFSBD2-20-CNOC&ckls=true&ci=fjWKL3AxpF&nc=false&trid=1274098949
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
WVwsLSqPWjd-vsyQWFDdytKnERSarXbxD8pRs9eFxvGY8qYy-eUfXA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync
hb.yahoo.net/ Frame 9D08
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LOYFSBD2-20-CNOC&redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LOYFSBD2-20-CNOC&gdpr=0&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NajVxU1oxRTJ1SFguUjNkdzRYY0JqcVZlOVhLTTFMMX5B&gdpr=0&ovsid=LOYFSBD2-20-CNOC&dpid=58160&us_privacy=1---
53 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NajVxU1oxRTJ1SFguUjNkdzRYY0JqcVZlOVhLTTFMMX5B&gdpr=0&ovsid=LOYFSBD2-20-CNOC&dpid=58160&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.40.179.63 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-63.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 14 Nov 2023 14:36:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:28 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NajVxU1oxRTJ1SFguUjNkdzRYY0JqcVZlOVhLTTFMMX5B&gdpr=0&ovsid=LOYFSBD2-20-CNOC&dpid=58160&us_privacy=1---
date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 9D08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 9D08
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61646941-44f5-4768-b56c-8ed88233b33f&expires=30&gdpr=0&us_privacy=1---
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61646941-44f5-4768-b56c-8ed88233b33f&expires=30&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61646941-44f5-4768-b56c-8ed88233b33f&expires=30&gdpr=0&us_privacy=1---
Date
Tue, 14 Nov 2023 14:36:27 GMT
Connection
keep-alive
X-CI-RTID
38f211e8-78ed-4c67-b2b3-2f4221203d65
Content-Length
175
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 9D08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
3.229.232.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-232-144.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
merge
ce.lijit.com/ Frame 9D08
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LOYFSBD2-20-CNOC&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5701 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9XbN6HTYRLL7xuFKCmRW540_-iAAw-Y4RUav-t1BmXJQeA6RE8-_bEfjW0VdKn0R1QZw1uRa6x_QiYH3_HBeH84AoI-Lv2ttIGX2eIzMbcFJs84khLRv4URoUAnGMa6ur_VDvpun8i624HvAQaZBAbnHP-xWI7Hen_AkZAaLYKKypfFGrNn6CDkPr_Z0Fc8Zy0W0smXgbYYt27EINm_DK7evS_5l8nbdB7jaOBGY7B4-Uy_Ty4N8C-XpiwYIog8ydzLPESBJRE_5P9ZZBAyKwewJ_a7aD9i2Iz-mOaoljwoB5JLRl6oEqYT7DE76Ch6pFXsGZqkS-GWbvRl4Qz8mIsanPNxhR4KbRjqW4hlrbd26XlqOwXJ68CWsgCVcd3FYpHQqT6D_ZTplpCr1816IeHbRKk01UCS6qMBMLwDmCOdwIWD_Pw7GZY_FpdAe38Eg9QmtSS0ktp5ph&sai=AMfl-YTQf_HGzB3wTXR9_824BvZdAP_tcVXPn4EugGm06SJYwisG72M66_Qte9TGgmoM7GPuUuNqpTQmlscCq-YWHiFw7V9Z-PbpVgincr1ob-mYTSC6z7vTaIQa26Gaj-I&sig=Cg0ArKJSzGyUta9lU3rOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
URL: https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
v3
id5-sync.com/gm/ 		666 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
4545056e218b4b36a0cacc2701d322d77b3d5d847ca0e0393c4a18bb04149337
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5701 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 02:26:50 GMT
x-content-type-options
nosniff
age
302977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 02:26:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2616644331350309&bg=!Pj2lPXLNAAZxrfrxUa07ADQBe5WfOJIbSelA1JKQ_ZYVRxWoq2ZYi0nH_McFiuhFqU8xrd0bzun47a4ZPiqmrRRtP35XAgAAAFdSAAAAAmgBBwoArM6bzzjDxjKbIsOFKDTRPoCCeJdZ3r_VnroC5Rlvygzg4Rl_OkQgavZ0Zce3molp5A6Fl8yuQA3FmbDQAgimuSMyKKE8T7HDh_cNU9_uP6g1vgm9k4A0cC_W4dXB2VE4JQQQgnpLTqPjIOhMt4T2R-wdvQR6Bwc8MQyCw0OvWJGC_S2d0eulXtBVfFbNUKcPqBQ_SWJYf5h1KslGlS0Z1C9hNIwA6DWMuwoZhxuZAs3LJMWwDMlrSgpaSYYChHn84OQbV_97qVOLK_bN6FP57GSrOUTK5UBfPZzRD1r_z-2XVYHH75TNwjGjz27-pCPpMSM6-Uz6cWfeGd4L09dj-8KJqXsz1YXXziBltGJPkQ-s46xv63MyKDbpRUoYbO3_i7FQnI8vLApRjYzwma8jqg2rxaGWh_AWK0GaG6sVqfXyqNW767lfFRIHwUY1AMKNJa3Xggp3cgnhOA5Uf2d00-WEw_OICU27LVxAxgUK8hhtXexXnT-wtQXVqk4TobJrEhIqQ9q3vnRXOyi_wTWU2--XqemiGP0iqO7HDGj3cQKQ37DL8qrgdTAq5DnThx8M0KGRT6GoRyK5SgPUMLXsvpxJ0ioLIbOn7J4zNFOQltSZwYbeusaNujcsQQfTEr7N9KnxZ5A9YKNHPiX8tNcFFAdIU1xGK_RhsCtjblSvKNyCyR-YD3v0w-G2WJhF2KLEAMYde54iIZVaA1gtl5LZzzmTisGihGHOnU5wUhCZke3MZ81Rm-68PFfin9d84Kj1C_A-w3XutLQRmflhgZJdv7iQxRZfZPADTzf7Up2REgqeL1TUmLSlh3KtJwlMkaTPK6SehQhQLdLwq_bZOpKjd3Qupq1qHezQeeY7JrXBxUVol5l0VPj66l23VyFuCndF863ldk8-O9Ssblyw8KzzrB8Mdjuyc4oCPqWmN4jQBmhaCZhknIhf3HCuUQJLg9xSu_1OePSu-c-XNUTtOBIDrQZKPrHeF65G-8dXPCTxFZlGx35Ood--vbnjGCX1c9ufC0jtE7H1qoXRBDY82dWWB38McPMCJzQBcmPhh3-jyhknL3LsMktLPI063Ohz-Fnp_WH8Q9w7j8JUuaoeevjq2PSeDcvd3Ug3KlQy6MMXwrlwQjEc0qRnt7UMpB_wZoekJ7tCiX50F-yVuzdhuZQ_qLXaNwtO45dF21uoltk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
truncated
/ Frame 5701 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863066ca0bca9f6cec60f46e02e79ef6bb3f349a00127d0392341d30492b0d81

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
pixel
capi.connatix.com/us/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LOYFSBD2-20-CNOC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LOYFSBD2-20-CNOC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOYFSBD2-20-CNOC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
825ffca2fe4036d1-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LOYFSBD2-20-CNOC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
825ffca29d9b36d1-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOYFSBD2-20-CNOC&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOYFSBD2-20-CNOC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
an-x-request-uuid
fbb022fe-e4d9-4f00-8c9a-94f1f1b6efcf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOYFSBD2-20-CNOC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=vx14wWBVUUhNaK1m_OcDKWAJ-So
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=vx14wWBVUUhNaK1m_OcDKWAJ-So
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=vx14wWBVUUhNaK1m_OcDKWAJ-So
Date
Tue, 14 Nov 2023 14:36:27 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=82d3fadc-3f46-4031-b82a-a0d78dc36375
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=82d3fadc-3f46-4031-b82a-a0d78dc36375
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 14 Nov 2023 14:35:57 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=82d3fadc-3f46-4031-b82a-a0d78dc36375
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&us_privacy=1---
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1498172
content-length
0
expires
Tue, 14 Nov 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5695382660300420470
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5695382660300420470
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5695382660300420470
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOYFSBD2-20-CNOC&us_privacy=1---
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOYFSBD2-20-CNOC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LOYFSBD2-20-CNOC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6041073707268864632&expires=30&us_privacy=1---
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6041073707268864632&expires=30&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
an-x-request-uuid
5a90736e-b92a-4396-bd29-31be2ad646c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=6041073707268864632&expires=30&us_privacy=1---
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3614904188678941106&expires=60&gdpr=&gdpr_consent=
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3614904188678941106&expires=60&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3614904188678941106&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-1ae1f1fb-4d1a-4d...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005&expires=30&us_privacy=1---
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005&expires=30&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005&expires=30&us_privacy=1---
Date
Tue, 14 Nov 2023 14:36:27 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX1ae1f1fb4d1a4dd1ae55a26ecf5f9b7d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
esync
token.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://id.rlcdn.com/709414.gif?us_privacy=1---
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 14 Nov 2023 14:36:27 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
sync.targeting.unrulymedia.com/csync/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&us_privacy=1---
  • https://sync.1rx.io/usersync/rubicon/LOYFSBD2-20-CNOC?us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:27 GMT
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:27 GMT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CCAF
Redirect Chain
  • https://match.deepintent.com/usersync/143?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_cd3e3df23eea457791e56
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_cd3e3df23eea457791e56
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=1011864&nid=5528&put=di_cd3e3df23eea457791e56
date
Tue, 14 Nov 2023 14:36:27 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sync
visitor.omnitagjs.com/visitor/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1---
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&us_privacy=1---
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&us_privacy=1---
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOYFSBD2-20-CNOC&us_privacy=1---
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOYFSBD2-20-CNOC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
52.200.68.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-68-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LOYFSBD2-20-CNOC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
cs
cs.yellowblue.io/ Frame CCAF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1---
  • https://cs.yellowblue.io/cs?aid=11590&id=LOYFSBD2-20-CNOC&us_privacy=1---
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LOYFSBD2-20-CNOC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
18.205.170.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-170-196.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:28 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LOYFSBD2-20-CNOC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5701 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMcSPEpjEddjPmVkKzw7ssrokE_Ak2gZPARW6EuorgKbVqK7VKN6EFefE3MxeKJ_8Ma-pvlxsNQ3z6euB-thP16jWrprleJsbD8pTUSxXqRVYuGcaP7M6LUcB0yxDsnnd0G9G36P_JgoI-5aYpaNhFzrlfK0ZTmMJX_k8HnYqeMDigNTUibv5eWGnyKFgzkSzZVzMZPQAUYP4g6DlsJc3VcMyhd8Y70b-qX1DLHdw3JS-vLFGEG_nhsCHiUD5ogefT-IZd9HdtBQBglJABP1Bh-BGIYDvLaLvnejR7VpYPYwppnA2YU-qznze4rhOYGwRmfVR7rJD5Hk27oXjXRWcv8RZHiZRGPF_ZKABrFFTmhpHxS3qVMKqVv4Di_ldh83DRbh_aR9BOQHehFQxy3NAaL7MNt9IMEm20qkEk539KOESitD9LPudnxwBCIQfJ&sai=AMfl-YSpsO0epYITILqsn2AMXmyxKBqMO37Bd6VuI4KG1mO-3uoTmksLls8yPlLNKap4iAC7iodu-5QjlRWyE8-bPIaZ14W6N2sbVHQN9HzcqGN7JnelkuCyBL9QHNZE1h8&sig=Cg0ArKJSzJc9gSjXtqiYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 14 Nov 2023 14:36:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FD4A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0BhQ8n5IdAXA2idO96dr_4YHqkC6jTwpTZ0o3VUdT3vH0-RucauActM_VydpEk3XJNQNEGXL7ZdymRKdBcf1pOpzd23SVJsTt9jtfxaiHHassgsvA2QSG5FztMQeJXxsa36fYyHFOyg&sig=Cg0ArKJSzPxcTqOAjUXSEAE&id=lidar2&mcvt=1000&p=485,1116,1085,1416&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4226504758&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699972587364&rpt=212&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E23E 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupYTgP-yEr3XBTRwICl4plv9vuuqCQCOc0XZmRRTvw0O90jCwdgl9VhbQALS-d6TXpspp5U2o29X4wgiKor2MNolcmjdvhxR3ScqtJdenTKfoAbbcKdkcRjhVUVoVFMqFSKNoKWMQZqA&sig=Cg0ArKJSzL6WnTPZTWCcEAE&id=lidar2&mcvt=1004&p=228,477,318,1447&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231113&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1886130427&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699972587399&rpt=204&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AF70 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsungwtzWVuikZI39XvQiUvoZ8LoIYT3SBLWxq7TBYYvvXuRQTyV2XpGaqo40tqFoj7AB2n9i2DGv_AJWUa7TkyzH1XjvKQ5pFKo537Fl8Myd5l5eDVeVTX8VGx0F6YyV_N4PBt_mJMk5g&sig=Cg0ArKJSzLSaYA5BOPtLEAE&id=lidar2&mcvt=1000&p=148,153,398,453&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3555970332&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699972587424&rpt=207&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5701 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrZpELDCyHe-emhP09uScgHN5ujVS7QMcvjIFAHrtvwPA_CyBPQSho5B1esx0gNnLZBd1zpeElrpq-leylfCostQlmPLyvJnLh8A1Vvsq8CxxWc_Yku0NB1t2fQvgzRO9rNPYaNqpnng&sig=Cg0ArKJSzDxuhKwhjoylEAE&id=lidar2&mcvt=1000&p=0,0,48,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3804165121&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699972587387&rpt=463&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 7196 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
5
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
825ffcacfbbba217-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Tue, 14 Nov 2023 18:36:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isync
visitor.omnitagjs.com/visitor/ Frame 338A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3db5a2e268a0f2ef20820cd5cdc1de6b4e2b5ab94f43755517bbc0cc1cf26c54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1266
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5046 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.219 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-219.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36177
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Wed, 15 Nov 2023 00:39:26 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame DA00 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c10bd9250f073f419b268153557c35a4cce7e1aebae956b7c40358c36e77937e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=74491
content-encoding
gzip
content-length
11833
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Wed, 15 Nov 2023 11:18:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3FA8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: softonic.com.br
URL: https://softonic.com.br/revamp/sft-prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://tjoose-by-santander.softonic.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32133
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 14 Nov 2023 14:36:29 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 08 Nov 2023 05:49:52 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
239, 40725
X-Served-By
cache-lga13626-LGA, cache-yyz4565-YYZ
X-Timer
S1699972590.589818,VS0,VE0
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 269A 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 4F4E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 5046 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38402549&p=159047&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
34f1068c21defa09b1d847fe78418dddf91d7a99beb71911b1655c01e0fc7770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 13 Nov 2023 17:48:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 3FA8 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
an-x-request-uuid
10637192-334b-4b1c-94f5-8a9b24830f05
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gd...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
an-x-request-uuid
b1367b73-fbdf-47b6-84da-46ef41aff723
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
an-x-request-uuid
589b8e3a-cfd6-44fc-93e6-48d8e06e1d09
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=6041073707268864632&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288127491930335&expires=30&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&name=BIDSWITCH&gdpr=&gdpr_consent=
Date
Tue, 14 Nov 2023 14:36:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame 338A 		0
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=07dc5964429139d5cc88faf2b9c0145d
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.190.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-190-82.bos50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
via
1.1 7a4ccc9add8a93cfa1b2787d370d6716.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
BOS50-C2
x-amz-cf-id
1xCtQhVIoKk1PeOvwHjTyrIRyFOn_NC3r_hmmOOMlyPV5vLmP6w73g==
x-cache
Miss from cloudfront
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De770...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=a29c4877c51b0492b13f47c89877282a&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=a29c4877c51b0492b13f47c89877282a&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
15
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Tue, 14 Nov 2023 14:36:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=a29c4877c51b0492b13f47c89877282a&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
825ffcad9bfe39cc-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e84688e5-4eb0-4717-a45b-9a49b557efa5&name=THE_TRADE_DESK
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e84688e5-4eb0-4717-a45b-9a49b557efa5&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=e84688e5-4eb0-4717-a45b-9a49b557efa5&name=THE_TRADE_DESK
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Kestrel
content-length
319
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
225
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sn.ashx
pmp.mxptint.net/ Frame 338A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10C2380A3_3262692F&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
204.2.226.29 Springfield, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-382977389; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-382977389; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09cc2204000d2ba0d880536c&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09cc2204000d2ba0d880536c&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09cc2204000d2ba0d880536c&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Tue, 14 Nov 2023 14:36:29 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Tue, 14 Nov 2023 14:36:29 GMT
Connection
keep-alive
Content-Length
217
Content-Type
text/html; charset=utf-8
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNT...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c1bc6491-9583-4497-9cdb-51e9e9c4fa78&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c1bc6491-9583-4497-9cdb-51e9e9c4fa78&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
10
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=c1bc6491-9583-4497-9cdb-51e9e9c4fa78&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
pixel
ap.lijit.com/ Frame 338A 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 14:36:29 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=2eb7ec0e-2bbb-523e-894d-83b5ec1e065b&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=2eb7ec0e-2bbb-523e-894d-83b5ec1e065b&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=2eb7ec0e-2bbb-523e-894d-83b5ec1e065b&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 338A
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=82d3fadc-3f46-4031-b82a-a0d78dc36375&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=82d3fadc-3f46-4031-b82a-a0d78dc36375&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 14 Nov 2023 14:35:59 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=82d3fadc-3f46-4031-b82a-a0d78dc36375&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame 338A 		42 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usync.html
eus.rubiconproject.com/ Frame 0B2F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 14:36:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 14 Nov 2023 14:36:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 0550
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 14:36:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 14 Nov 2023 14:36:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 1840 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
86c5b1f77ab91e3396d104707ae2e18771892068ee9b4645a78463c83b82308f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1505
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame F350
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 14:36:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 14 Nov 2023 14:36:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame D9B0 		954 B
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.5 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
db4f627ec82da857aca995194ad2df308a775cacae0380e615e764919cda3e02

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
954
content-type
text/html
date
Tue, 14 Nov 2023 14:36:29 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 01F9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936c72756ec70e501fedf3c4d09bc25d375691c63d93bdfd7b0bdd4be52d41e6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
825ffcad4a64711b-YYZ
content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKgeZ%2Fmg8rBk5L2I28cSEEMJdp3u5qc01%2F3N%2BxvUJKOV0Pa84fVEcEWANT%2F8Fh7VWmcXhsbOOPe7%2FJs6sZZfS%2FtvJ7NbkaPjBdF%2F0DwTqhM1C%2BJR6%2BcoGcIhh%2FVXUvXQ02LkVsLNdRzR4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame 1811
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDR3hFN0twd3dBQUJNWDAwckI4dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACGxE7KpwwAABMX00rB8w&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=282789838519766230&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AACGxE7KpwwAABMX00rB8w&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D282789838519766230%26gdpr%3D0%26gdpr_conse...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=282789838519766230&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AACGxE7KpwwAABMX00rB8w&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D282789838519766230%26gdpr%3D0%26bee_sync_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=282789838519766230&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACGxE7KpwwAABMX00rB8w...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACGxE7KpwwAABMX00rB8w&gdpr=0
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACGxE7KpwwAABMX00rB8w&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 14:36:30 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACGxE7KpwwAABMX00rB8w&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4F51
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041073707268864632&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041073707268864632&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1d1c86c4-dec5-44c0-915f-9932d0a1cc70
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6041073707268864632&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 64AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVOF7QADxRszbgBi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 14 Nov 2023 14:36:29 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4535-YYZ
x-timer
S1699972590.732877,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 14 Nov 2023 14:36:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVOF7QADxRszbgBi
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4535-YYZ
x-timer
S1699972590.694051,VS0,VE20
Pug
image2.pubmatic.com/AdServer/ Frame 0E24
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cd3e3df23eea457791e56
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cd3e3df23eea457791e56
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Tue, 14 Nov 2023 14:36:29 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cd3e3df23eea457791e56
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
/
onetag-sys.com/match/ Frame 5C68
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=32f8fcbe-82fb-11ee-b5a7-6398c517eefc
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:27 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
insync
thrtle.com/ Frame 5046
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&vxii_pid=12&vxii_pid1=10067&vxii_rcid=33923aa9-c55c-431e-a1cf-0594103d7aba
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&vxii_pid=12&vxii_pid1=10067&vxii_rcid=33923aa9-c55c-431e-a1cf-0594103d7aba
Protocol
H2
Server
50.17.251.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-251-244.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 14 Nov 2023 14:36:29 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&vxii_pid=12&vxii_pid1=10067&vxii_rcid=33923aa9-c55c-431e-a1cf-0594103d7aba
date
Tue, 14 Nov 2023 14:36:29 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 5046 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 5046 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.156.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-156-160.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 5046 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.149.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-149-190.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 14 Nov 2023 14:36:28 GMT
1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5046 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1AC48E06-36FA-4C9B-A79E-A2A44F58EB63?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:a344:818b:7db4:692b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
onetag-sys.com/match/ Frame 5046
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2d800118e0bd0fe8&is_secure=true&networkId=17100&version=1&nuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGqPkneKAMYQMeZxTnAAAAAAA&expiration=1700058989&nuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&...
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
date
Tue, 14 Nov 2023 14:36:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5046
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61646941-44f5-4768-b56c-8ed88233b33f&gdpr=0&gdpr_consent=
1 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61646941-44f5-4768-b56c-8ed88233b33f&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=61646941-44f5-4768-b56c-8ed88233b33f&gdpr=0&gdpr_consent=
Date
Tue, 14 Nov 2023 14:36:29 GMT
Connection
keep-alive
X-CI-RTID
a7b81118-94d2-48f8-b02d-5f7c1b1144e6
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5046 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.172.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-172-118.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
/
onetag-sys.com/match/ Frame 5046
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8db61b50-8bbe-4753-94ff-68431ae9b4b7-655385ed-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3614904188678941106&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
date
Tue, 14 Nov 2023 14:36:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 14 Nov 2023 14:36:29 GMT
Server
MT3 1075 283b7e3 master iad iad-pixel-x7 config_version:"455"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 14 Nov 2023 14:36:28 GMT
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOYFSBD2-20-CNOC&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOYFSBD2-20-CNOC&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOYFSBD2-20-CNOC&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2eb7d209ab67664d6226c75331547ba1
Expires
0
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6041073707268864632
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6041073707268864632
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
an-x-request-uuid
f7041f28-02fa-409b-bfc6-e8588e998ee7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6041073707268864632
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=8a42d81b36e9915b705a76772136146&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=8a42d81b36e9915b705a76772136146&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=8a42d81b36e9915b705a76772136146&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699972590104009-265
tap.php
pixel.rubiconproject.com/ Frame 1840 		42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=iWmc_NjWHzziCZRQmkgb9dUArSnDMmzKnXPFh09Ucs0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1840
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi85DKHpSLXNP78oX7SbGygDwLV8Viay4OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi85DKHpSLXNP78oX7SbGygDwLV8Viay4OA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi85DKHpSLXNP78oX7SbGygDwLV8Viay4OA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=282789838519766230
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=282789838519766230
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=282789838519766230
date
Tue, 14 Nov 2023 14:36:28 GMT
content-length
0
sn.ashx
pmp.mxptint.net/ Frame 1840
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10C2380A3_32A8263A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
204.2.226.29 Springfield, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-382977389; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-382977389; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESECWHj2P6ZoWa2QB0FfITWnw&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECWHj2P6ZoWa2QB0FfITWnw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECWHj2P6ZoWa2QB0FfITWnw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=AvERhqHxeDxU&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=AvERhqHxeDxU&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=AvERhqHxeDxU&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-5fn7g
expires
-1
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=154829677e350fff&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAFrty6Oj4_kQNJXwJcAAAAAAA&expiration=1700058989
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAFrty6Oj4_kQNJXwJcAAAAAAA&expiration=1700058989
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAFrty6Oj4_kQNJXwJcAAAAAAA&expiration=1700058989
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-56xffelE2uFkKcy8Pnj5sNeORshxalgrnUSyCnM-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-56xffelE2uFkKcy8Pnj5sNeORshxalgrnUSyCnM-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-56xffelE2uFkKcy8Pnj5sNeORshxalgrnUSyCnM-~A
date
Tue, 14 Nov 2023 14:36:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=e84688e5-4eb0-4717-a45b-9a49b557efa5&gdpr=0&gdpr_consent=
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 1840
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288127491930335&expires=30&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 14 Nov 2023 14:36:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 1840 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=iWmc_NjWHzziCZRQmkgb9dUArSnDMmzKnXPFh09Ucs0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
sync
visitor.omnitagjs.com/visitor/ Frame D9B0 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=282789838519766230&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
12
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
redir
rtb-csync.smartadserver.com/ Frame D9B0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACGxE7KpwwAABMX00rB8w&partnerid=127&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AACGxE7KpwwAABMX00rB8w&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.106 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AACGxE7KpwwAABMX00rB8w&partnerid=127&gdpr=0
Date
Tue, 14 Nov 2023 14:36:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame D9B0
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=282789838519766230&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=282789838519766230&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.229.232.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-232-144.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=282789838519766230&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame D9B0
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjgyNzg5ODM4NTE5NzY2MjMw&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEODsJjiE5cdqHwmo0HJe5Jc&gdpr=0&gdpr_consent=&google_cver=1
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEODsJjiE5cdqHwmo0HJe5Jc&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.106 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEODsJjiE5cdqHwmo0HJe5Jc&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D9B0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041073707268864632&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041073707268864632&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.83.76.106 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
an-x-request-uuid
a4909911-8728-4aa8-a62e-0378aa0ded08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=6041073707268864632&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
35759
i6.liadm.com/s/ Frame 01F9
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e84688e5-4eb0-4717-a45b-9a49b557efa5
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e84688e5-4eb0-4717-a45b-9a49b557efa5
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e84688e5-4eb0-4717-a45b-9a49b557efa5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:8363:f8d9:31ef:349f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:29 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=e84688e5-4eb0-4717-a45b-9a49b557efa5
Date
Tue, 14 Nov 2023 14:36:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
usermatchredir
ssum-sec.casalemedia.com/ Frame 01F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVOF6-xSY4415Nzh3mEKZgAADU4AAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIATZmHOtkMXDoCOmeEHut0&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIATZmHOtkMXDoCOmeEHut0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8kXyUGhWfuHJ301H8JMaSdsI1jqr7KPf5Lpq4cZPbpgcml3%2F7afdn1M8SqCbBHAwaKuY7Tq%2Fp8jLMdhDkUoYgig3GMvFcWChz936wPTaPzgO3O5h6pQPvYnzXCL%2FTkYsphZ%2FYNseOz%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffcae3ba3711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIATZmHOtkMXDoCOmeEHut0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 01F9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZVOF6-xSY4415Nzh3mEKZgAADU4AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1QND0JJF17EES4T4D39
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 01F9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVOF6.xSY4415Nzh3mEKZgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSPiXFelP5WgdT1uyq60lG5%2FVhCOSzgxmDcJwOpEl8VhN2wD6xm1VNtef6xsq51sF%2FDv8TSkIbEp07cmr%2F4uJxmfh8bxLx%2BCaTE8yOZBKXTNeVuv28woxit4iRNqmDm%2B3B7N52cPw0bgTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffcae5bb9711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM3w3W2w9Jj8tSnLN4YEYCE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 01F9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.233.15.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-15-134.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-00fd70b4d.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
QOD3uut5Tow=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-0c56b2299.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
IauYw4XoRQY=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVOF6.xSY4415Nzh3mEKZgAA%263406
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 01F9
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=0bd8003337fd467d89666fd22c6e50eb&expiration=1702564589
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=0bd8003337fd467d89666fd22c6e50eb&expiration=1702564589
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5kSva%2FeZT8P8g6ZeEveFAuNaOa40uPeiYVC47c25GMLEuzWmW52ARokqTSgPBmDMZr%2FqfzpknaEuV9pnodGl2YwR6GoEltJwEfBgSDJW1%2FaZWJVPeMSnQStzoMn6doEdZFMHGHULI%2FAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffcae7bea711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=0bd8003337fd467d89666fd22c6e50eb&expiration=1702564589
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 01F9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632&us_privacy=1---
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lSuzGGoPkOYCb1dkfdE4RVuGvs1zRYhS3D5Wn0rtNQAcaUwx%2FYdILgK3Iuc0vyzcqNaXdLZhI21iVbC5AZx9s0jeiQ08z5T7UuRIhPSMIjP66n3rq4piAnjpEX0s37Cby47Y7gj1O5wDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ffcaddb22711b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
an-x-request-uuid
fd67d13f-591e-484d-bf2a-fa771fc7bea4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6041073707268864632&us_privacy=1---
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 01F9 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVOF6.xSY4415Nzh3mEKZgAA%263406=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27427
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
825ffcadcd0ca217-YYZ
content-length
43
expires
Wed, 15 Nov 2023 14:36:29 GMT
crum
dsum-sec.casalemedia.com/ Frame 49C0
Redirect Chain
  • https://um4.eqads.com/um/cs?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=141348c9-bfe6-4d9e-9b67-989f1de95576&expiration=1707921389
43 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=141348c9-bfe6-4d9e-9b67-989f1de95576&expiration=1707921389
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
825ffcae9c11711b-YYZ
content-length
43
content-type
image/gif
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ek7hhwlgg1aIjtBQ33AzQ2Y4GxTPDy0XQ1awyTiLD1BmCnb9cUO6zgCTqF5VyZSJtMs1fSvBeculp8QN09ETmdC676lFN4EewzvvYdXA349LTk1WFpu747Ly8jE3%2BlQn1zwvwmBhJvfzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=141348c9-bfe6-4d9e-9b67-989f1de95576&expiration=1707921389
usync.js
eus.rubiconproject.com/ Frame 0B2F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 20:06:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19734
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 20:05:23 GMT
usync.js
eus.rubiconproject.com/ Frame 0550 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 20:06:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19734
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 20:05:23 GMT
sync
gum.criteo.com/ Frame DA00 		88 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
307a3236071f8a1bc2f3847c107a0922f903757f85443fbcc9dbda6a841357e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1157086
expires
60
usync.html
eus.rubiconproject.com/ Frame E834
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 14:36:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 14 Nov 2023 14:36:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 0E0B
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Drkt%26refUrl%3D%26vid%3D997258976834297418966346670...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=rkt&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=1797288127491930335
227 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=rkt&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=1797288127491930335
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
227
content-type
text/html;charset=UTF-8
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Tue, 14 Nov 2023 14:36:29 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 14 Nov 2023 14:36:29 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=rkt&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=1797288127491930335
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=son&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=son&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=e3757e4c-5ac4-4d51-a40a-4328e5edd2d5
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=son&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=e3757e4c-5ac4-4d51-a40a-4328e5edd2d5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-40
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=son&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=e3757e4c-5ac4-4d51-a40a-4328e5edd2d5
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame DA00
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3429741896634667...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=opx&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=577ce8d0-d293-0501-2445-9ee7646bd544
227 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=opx&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=577ce8d0-d293-0501-2445-9ee7646bd544
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
227
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:29 GMT

Redirect headers

date
Tue, 14 Nov 2023 14:36:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3429741896634667000V10&type=opx&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=577ce8d0-d293-0501-2445-9ee7646bd544
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Dr1%26refUrl%3D%26vid%3D99725897683429741896...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5407120235
  • https://sync.1rx.io/usersync/tradedesk/e84688e5-4eb0-4717-a45b-9a49b557efa5
  • https://sync.targeting.unrulymedia.com/csync/RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=r1&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
53 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=r1&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=r1&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX1ae1f1fb4d1a4dd1ae55a26ecf5f9b7d005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cksync
cs.media.net/ Frame DA00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQyOTc0MTg5NjYzNDY2NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJK9AD6ePoNQWfTPldaeClc&google_cver=1
53 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJK9AD6ePoNQWfTPldaeClc&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.56.220.66 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:30 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEJK9AD6ePoNQWfTPldaeClc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Ddxu%26refUrl%3D%26vid%3D99725897683429741896634...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3429741896634667000V10%26type%3Ddxu%26refUrl%3D%26vid%3D99725897683429741...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=dxu&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=AGJjbQI31R2UwJ5
53 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=dxu&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=AGJjbQI31R2UwJ5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-086543ec5aaded8f8@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3429741896634667000V10&type=dxu&refUrl=&vid=99725897683429741896634667000V10&axid_e=&ovsid=AGJjbQI31R2UwJ5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&gdpr=0&gdpr_consent=&us_privacy=
53 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1255772
content-length
0
expires
Tue, 14 Nov 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&google_hm=MmIxNTQ2MTMtYTJlYy00ZDcwLWEyZWItOThmYWVlZjdhM2Qz
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDsHOhiwLs68PDtmFypg42A&google_cver=1&ssp=medianet&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 14 Nov 2023 14:36:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=iuuSt-dd1FqWX4OJZZG3
53 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=iuuSt-dd1FqWX4OJZZG3
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:29 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=iuuSt-dd1FqWX4OJZZG3
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3429741896634667000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3429741896634667000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=ae5bd358-524a-408c-bd78-ca63d1560e62&cs=1
53 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=ae5bd358-524a-408c-bd78-ca63d1560e62&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=ae5bd358-524a-408c-bd78-ca63d1560e62&cs=1
date
Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame DA00
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e84688e5-4eb0-4717-a45b-9a49b557efa5
53 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e84688e5-4eb0-4717-a45b-9a49b557efa5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.56.220.66 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:30 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e84688e5-4eb0-4717-a45b-9a49b557efa5
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Kestrel
content-length
199
cksync.php
contextual.media.net/ Frame DA00
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=medianet
53 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:29 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w&pi=medianet
pragma
no-cache
date
Tue, 14 Nov 2023 14:36:29 GMT, Tue, 14 Nov 2023 14:36:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F350 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 20:06:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19734
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 20:05:23 GMT
khaos.json
token.rubiconproject.com/ Frame 0B2F 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
khaos.json
token.rubiconproject.com/ Frame 0550 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8bab65602db075726861004da5629947
Expires
0
khaos.json
token.rubiconproject.com/ Frame F350 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 0B2F
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&gdpr=0&us_privacy=1---
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&gdpr=0&us_privacy=1---
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
44.227.56.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-56-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
9
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LOYFSBD2-20-CNOC&name=RUBICON&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2eb7d209ab67664d6226c75331547ba1
Expires
0
log
c21lg-d.media.net/ Frame DA00 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=bCj5Gvxc1qar101LjfgYFFzzB20bnBA-&cs=15&vsid=3429741896634667000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.220.66 Eden Prairie, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-220-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 14:36:30 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 14 Nov 2023 14:36:30 GMT
usync.js
eus.rubiconproject.com/ Frame E834 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.195.94.138 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-94-138.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 20:06:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19734
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 20:05:23 GMT
khaos.json
token.rubiconproject.com/ Frame E834 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LOYFSBD2-20-CNOC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
cksync.php
contextual.media.net/ Frame E834
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=LOYFSBD2-20-CNOC
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LOYFSBD2-20-CNOC&us_privacy=1---
53 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LOYFSBD2-20-CNOC&us_privacy=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQ9KO7A&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C404%2C9%2C2011%2C2055%2C3022%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.92.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-92-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 14 Nov 2023 14:36:30 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LOYFSBD2-20-CNOC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 5D62 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35654004&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5fe99688d559015c9dc44b41639d3eab48c2020546e398d4769414c7d3f321e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 13 Nov 2023 17:48:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 3729
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It
42 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 06:17:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 14 Nov 2023 14:36:30 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2665
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=2b154613-a2ec-4d70-a2eb-98faeef7a3d3
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=9ad21713ece31f7407ebd8f261287fbb&expires=30&ssp=pubmatic&bsw_param=2b154613-a2ec-4d70-a2eb-98faeef7a3d3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 14:36:30 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b154613-a2ec-4d70-a2eb-98faeef7a3d3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288127491930335
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288127491930335
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 14 Nov 2023 14:36:30 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288127491930335
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 26BF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
42 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 14:36:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vx14wWBVUUhNaK1m_OcDKWAJ-So&gdpr=0&gdpr_consent=
i.match
a.tribalfusion.com/ Frame 4B5B 		43 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
825ffcb16bad4bc3-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 3484
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Tue, 14 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
631764
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5756
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AGJjbQI31R2UwJ5&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AGJjbQI31R2UwJ5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 14:36:30 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:AGJjbQI31R2UwJ5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-091ae14e0257882b9@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A368
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=822d0342-5cc7-4137-baf6-60ca94b1d679&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
42 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.205.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-205-175.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:30 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 14 Nov 2023 14:36:30 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 0618
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5cd9caa4c5e743c39c9c8f2494bb37b8
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5cd9caa4c5e743c39c9c8f2494bb37b8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 06:07:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5cd9caa4c5e743c39c9c8f2494bb37b8
pragma
no-cache
server
nginx
usersync
usersync.gumgum.com/ Frame 0F45 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:30 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 5D62 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:29 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
16b973ee-c120-447f-b124-267b7e1e64d8
Connection
keep-alive
Content-Length
0
x-application-context
application:production
/
p.adsymptotic.com/d/px/ Frame 5D62
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e9ba065451bb604e00a9dee48867763496cd194f548ae901a75e5d072d78caff791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=02004346
0
0
gdpr_consent=
bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/ Frame 5D62
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/gdpr_consent=
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/gdpr_consent=
49 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/gdpr_consent=
Protocol
H2
Server
54.156.21.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-21-254.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.215
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63/gdpr=0/gdpr_consent=
cache-control
no-cache
x-server
10.40.51.145
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 5D62 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 5D62
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695382660300420470
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695382660300420470
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5695382660300420470
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F4E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81264674&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
37868238086f6f0f1d939303bdc5d31419fd4082a92013694fb67108ebf49f63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 14 Nov 2023 14:36:30 GMT
content-length
1642
content-type
text/html; charset=UTF-8
receive
pixel.tapad.com/idsync/ex/ Frame 4F4E 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 473E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
42 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 14:36:30 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:iuuSt-dd1FqWX4OJZZG3&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
pubmatic
ad.mrtnsvr.com/sync/ Frame F343 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5F4A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=852393758830
568 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=852393758830
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 14:36:29 GMT
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=852393758830
Pug
simage2.pubmatic.com/AdServer/ Frame DB8A
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 14 Nov 2023 14:36:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cm
ipac.ctnsnet.com/int/ Frame 3141 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 14 Nov 2023 14:36:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame ADC4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 14 Nov 2023 14:36:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:30 GMT
Expires
Tue, 14 Nov 2023 14:36:29 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master iad iad-pixel-x5 config_version:"455"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5ae26553-85ed-4b00-bcf7-a926dde33ab4&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame EFAB 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 14 Nov 2023 14:36:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HMJGB0QM19Y2CGR45T76
/
bpi.rtactivate.com/tag/ Frame 4F4E 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.216.205.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-205-237.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 14:36:30 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
28292
i.liadm.com/s/ Frame 4F4E
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3614904188678941106
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JoYJ5GekZZ2MtHuQ7nKN-Lnku0ASOWphxUpugA
43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JoYJ5GekZZ2MtHuQ7nKN-Lnku0ASOWphxUpugA
Protocol
HTTP/1.1
Server
44.205.140.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-140-116.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 14:36:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-JoYJ5GekZZ2MtHuQ7nKN-Lnku0ASOWphxUpugA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2169606
content-length
0
expires
Tue, 14 Nov 2023 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4F4E
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=&ct=y
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
54.156.21.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-21-254.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.45
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1AC48E06-36FA-4C9B-A79E-A2A44F58EB63&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.40.62.71
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 3FA8 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:30 GMT
an-x-request-uuid
84daf000-2d6b-4251-a8f1-81cc18ae7d19
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.42; 96.9.249.42; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je3b81v877889940z86335967&_p=1699972585462&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1199800881.1699972586&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699972585&sct=1&seg=1&dl=https%3A%2F%2Ftjoose-by-santander.softonic.com.br%2Fandroid&dt=tjoose%20by%20Santander%20para%20Android%20-%20Download&en=page_view&ep.page_type=program_page&ep.site_language=pt&ep.google_click_id=&ep.test_variant=&ep.pv=undefined&ep.program_id=11b12502-f860-4aa9-bab7-934cbb4a98aa&ep.program_platform=android&ep.program_category=lifestyle&ep.program_sources=c9&ep.program_review_source=dexter&ep.program_download_type=redirectionDownload&ep.program_review_modification_date=2023-10-17&ep.program_opinions=no&ep.program_review_publication_date=2023-07-07&ep.program_has_button_buy=no&ep.program_has_button_download=yes&ep.program_has_gallery=yes&ep.program_has_offer=no&epn.program_user_score=9.2&ep.google_compliant=yes&ep.program_name=tjoose%20by%20Santander&ep.vertical_id=&ep.ecosystem_id=&ep.ad_session_id=undefined&_et=4&tfd=5861
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tjoose-by-santander.softonic.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 14:36:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tjoose-by-santander.softonic.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5046 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159047&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:16:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.richaudience.com
URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4111521597
Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=02004346
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture boolean| gdprAppliesGlobally object| didomiConfig function| __uspapi object| dataLayer object| revamp function| gtag function| gtag_report_conversion function| _googCsa object| revampAdRendered object| eventTracker string| GoogleAnalyticsObject function| ga object| webpackJsonp object| didomiEventListeners object| didomiOnReady object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady object| googletag number| googleNDT_ number| googleAltLoader object| google object| __uspapiBuffer function| __sasCookie object| ggeac object| google_js_reporting_queue object| webpackChunkDidomi object| Didomi object| DidomiSanitizing function| __tcfapi object| didomiState number| experimentId_ object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| webpackChunk_softonic_revamp_api function| tdDisplaySlots function| tdDisplayInterstitial object| apstag object| GooglebQhCsO object| gaGlobal undefined| google_measure_js_timing object| gaplugins object| ramp number| google_unique_id object| DD_RUM object| gaData function| Waypoint object| _aps boolean| apstagLOADED object| apscustom object| __bt_intrnl object| __bt object| __bt_tag_d object| __bt_tag_am object| ID5 object| __id5_instances boolean| __bt_already_invoked function| _33AcrossIdMappingsProvider object| categoryConfig undefined| category string| imgPath string| imgSrc object| GoogleGcLKhOms object| google_image_requests

244 Cookies

Domain/Path Name / Value
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: CioKBQgKEL8WCgYI3QEQvxYKBgiiARC_FgoJCP____8HEMkWCgYI0gEQvxY
.softonic.com.br/ Name: _usr_orgn
Value: direct
.softonic.com.br/ Name: _swo_pos
Value: 463
.softonic.com.br/ Name: session.pv
Value: 1
.softonic.com.br/ Name: persistent.fpmUserId
Value: 3555b5d0-4fce-46d7-89fd-e5458f1358ba
.softonic.com.br/ Name: session.fpmSessionId
Value: e1cfa5c7-6515-4718-b694-c5c5b3fa5c09
.softonic.com.br/ Name: _gcl_au
Value: 1.1.1842802859.1699972586
.softonic.com.br/ Name: rv_prebid_position
Value: 224
.softonic.com.br/ Name: rv_test_position
Value: 564
.softonic.com.br/ Name: rv_fp_ad_session_id
Value: 10b62325-a73b-44d8-8abf-cc1dc2f937dc
.softonic.com.br/ Name: rv_fp_pv
Value: 1
.softonic.com.br/ Name: _ga_R5K71YRXMV
Value: GS1.1.1699972585.1.1.1699972586.59.0.0
.softonic.com.br/ Name: rv_google_ppid
Value: 7aec9229-7bd3-4b32-b310-4b43810d8c40
.softonic.com.br/ Name: __gsas
Value: ID=f753efdd167b0a7f:T=1699972585:RT=1699972585:S=ALNI_MaydUtcu0J6_-RNzMuirtgx8JMkdw
.softonic.com.br/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic.com.br/ Name: _ga
Value: GA1.3.1199800881.1699972586
.softonic.com.br/ Name: _gid
Value: GA1.3.1708589806.1699972586
.tjoose-by-santander.softonic.com.br/ Name: _ga
Value: GA1.4.1199800881.1699972586
.tjoose-by-santander.softonic.com.br/ Name: _gid
Value: GA1.4.1708589806.1699972586
.doubleclick.net/ Name: IDE
Value: AHWqTUm-H-O8VNTTdu8oUC_M8w8pCM0PgQBCce7wnX1QSVMSpia-reNpggAntfNBMVU
.lijit.com/ Name: ljt_reader
Value: Hp8MjBZHv-8fLS2NQhSP8FDg
.softonic.com.br/ Name: __gads
Value: ID=b7497a86903235e6:T=1699972586:RT=1699972586:S=ALNI_MYl1_jrkCYcg60TpJmrL0rNY9-1JQ
.softonic.com.br/ Name: __gpi
Value: UID=00000a003716d372:T=1699972586:RT=1699972586:S=ALNI_MY88XXt6bf_YTEOofylBktUVHS3aA
.360yield.com/ Name: tuuid
Value: a8e7a22f-8f23-4cf1-b4ab-a65d8f87ba8b
.360yield.com/ Name: tuuid_lu
Value: 1699972586
.richaudience.com/ Name: pdid
Value: d1ea02df-ef59-463b-8d45-0zz1699972586
.omnitagjs.com/ Name: ayl_visitor
Value: 07dc5964429139d5cc88faf2b9c0145d
.33across.com/ Name: check
Value: true
.amazon-adsystem.com/ Name: ad-id
Value: AzTyAJ1K8kwItoO-R1Z6NzY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: ZVOF6.xSY4415Nzh3mEKZgAA
.casalemedia.com/ Name: CMPS
Value: 3406
.casalemedia.com/ Name: CMPRO
Value: 3406
.smartadserver.com/ Name: pid
Value: 282789838519766230
.openx.net/ Name: i
Value: 4cfcbe16-d014-0016-1ddc-2861b2a37465|1699972587
.id5-sync.com/ Name: 3pi
Value:
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDcwNLQwMrQw11EysUTlW5qj8o2M0fgQeQNTc3NjC%2FNaAJfnEE8%3D
.gumgum.com/ Name: vst
Value: u_de9f6146-a209-4f72-b7be-4e912e06e5de
.adnxs.com/ Name: uuid2
Value: 6041073707268864632
.openx.net/ Name: pd
Value: v2|1699972587|vMgavPkWgy
.3lift.com/ Name: tluid
Value: 1374257891300936435884
.mediago.io/ Name: __mguid_
Value: 4df39c496bd7ed1322kl7500loyfsb8h
.yahoo.com/ Name: A3
Value: d=AQABBOuFU2UCEHCspjWGqKYk-yUPKhEYQqwFEgEBAQHXVGVdZQAAAAAA_eMAAA&S=AQAAAhYFbC5DUNB4SRMUdchqnjg
.deepintent.com/ Name: CDIUSER
Value: di_cd3e3df23eea457791e56
.contextweb.com/ Name: V
Value: AvERhqHxeDxU
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 8da4504032ef5ad9
.lijit.com/ Name: _ljtrtb_49
Value: jbWWcYzkm0UW
.liadm.com/ Name: lidid
Value: b7f51c96-72c3-499c-bee4-f0d01342a45d
.zemanta.com/ Name: zuid
Value: iuuSt-dd1FqWX4OJZZG3
.bidswitch.net/ Name: tuuid
Value: 2b154613-a2ec-4d70-a2eb-98faeef7a3d3
.bidswitch.net/ Name: c
Value: 1699972587
.bidswitch.net/ Name: tuuid_lu
Value: 1699972587
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDID
Value: e84688e5-4eb0-4717-a45b-9a49b557efa5
.ipredictive.com/ Name: cu
Value: 61646941-44f5-4768-b56c-8ed88233b33f|1699972587320
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINpyOBL1OjPClppkMM43asH_ViYXZW1-XXmWbGjDLes3EHwYBCDri86qBjABOgRzygDyQgTKNZXZ.rhDxkIF2rkdGghsql1nX6TOHC1DIRjl6KO7dYiPQ4wM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINpyOBL1OjPClppkMM43asH_ViYXZW1-XXmWbGjDLes3EHwYBCDri86qBjABOgRzygDyQgTKNZXZ.rhDxkIF2rkdGghsql1nX6TOHC1DIRjl6KO7dYiPQ4wM
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
.adform.net/ Name: uid
Value: 5695382660300420470
.openx.net/ Name: univ_id
Value: 537072971|e392a2f1-0fab-4fd3-878d-9fce34a36334|1699972587356171
.turn.com/ Name: uid
Value: 3614904188678941106
.rubiconproject.com/ Name: khaos
Value: LOYFSBD2-20-CNOC
.lijit.com/ Name: _ljtrtb_27
Value: e84688e5-4eb0-4717-a45b-9a49b557efa5
.creativecdn.com/ Name: u
Value: hH9BgY0XQ3P1AVd0n8gU
.creativecdn.com/ Name: ts
Value: 1699972587
.rezync.com/ Name: zync-uuid
Value: 889247f7-77b3-4323-ba8a-92f2d95729b4:1699972587.4885225
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: NWM4ZTk1NjhiNzM5NjE5OA
.simpli.fi/ Name: suid
Value: 2F43A2F18EF74BE9B1E8F2A8902FB3DD
.tapad.com/ Name: TapAd_TS
Value: 1699972587628
.tapad.com/ Name: TapAd_DID
Value: cf5e7725-9bab-4ee2-8268-528967c3c7e0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e84688e5-4eb0-4717-a45b-9a49b557efa5&KRTB&22918-e84688e5-4eb0-4717-a45b-9a49b557efa5&KRTB&22926-e84688e5-4eb0-4717-a45b-9a49b557efa5&KRTB&23031-e84688e5-4eb0-4717-a45b-9a49b557efa5
.lijit.com/ Name: _ljtrtb_97
Value: RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD&KRTB&23486-uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD&KRTB&23489-uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD&KRTB&23539-uid:2F43A2F18EF74BE9B1E8F2A8902FB3DD
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFmrZKvC-rREz1ih4csK8lM&KRTB&23025-CAESEFmrZKvC-rREz1ih4csK8lM&KRTB&23386-CAESEFmrZKvC-rREz1ih4csK8lM
.socdm.com/ Name: SOC
Value: ZVOF68Co8YIAAGXJxOwAAAAA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7646
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0MjexNLQ0NjA2NhXiM9RN9QvPdrKsMAzNMEoCAEVbb38lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwQ2AMAwDwA_rBAknwTbbNEIdhMm5-w5KRnEzyMmoRMYsrTA2Xjfhqee6bRMtniU10D-uaeHAOgAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0MjexNLQ0NjA2NhXiM9RN9QvPdrKsMAzNMEoCAEVbb38lAAAA
.criteo.com/ Name: uid
Value: be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8
.id5-sync.com/ Name: id5
Value: 655c7dc4-d665-703a-9391-a33549a78439#1699972587092#2
.linkedin.com/ Name: bcookie
Value: "v=2&38dd1ed2-486a-409c-8119-b66de8c793c4"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3042:u=1:x=1:i=1699972587:t=1700058987:v=2:sig=AQGtUJo9mFtq0lsMjtJxUwcpNM6D1hds"
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987Fnpwe8H56FeXcAJyj4cXM4nQqwJEOIOUVocI66rnmxmRnS4_AtJWr2Q931rpQC4TM1
.bidr.io/ Name: bito
Value: AACGxE7KpwwAABMX00rB8w
.bidr.io/ Name: bitoIsSecure
Value: ok
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2E>>vSJXO!]tbP6j2F-.aDabByFnKcwN`k2dN4f<GyuNkDjP0AqAKxaU-K^%v4VB%nlcW(H:%e
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPWUZTQkQyLTIwLUNOT0MiLCJleHBpcmVzIjoiMjAyNC0wMi0xMlQxNDozNjoyN1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xNFQxNDozNjoyN1oifQ==
live.rezync.com/ Name: sd-session-id
Value: .eJwNzNEOwiAMQNF_6fMw0oJt-ZkFXJcQHZoxX1z8d3m8yc05YX7bvuVm7YB07B-b4P6sozqkE3r9bvaABJ6VUcQjB_VKV6IIvwm69V5fba7LeEQUA6_smAu5QEiuZMlOccVFI6OWkPxNdVBR-BJEIuJw_pjCJRg.ZVOF6w.9DB0qAQuc4_6lDYDjeFwTU4qj54
.primis.tech/ Name: csuuid
Value: 655385ebe2afe
.connatix.com/ Name: cnx_userId
Value: f2627c0f2743496abbc2697e6ca05618
.lijit.com/ Name: ljtrtb
Value: eJwVjLsKAkEMAP8ltYHNkezDTgsLEQRF9q5MbrOF4g8o%2Frt7zRTDMF%2FgAnt4Wq3r8nm9w6PCDqY0nGeOObsguwXkRAmVxbAoFxNJ3lVGm8NoL9fldD8ezkjIcd502Ra3GUmdOnVDbqQDjVBdBHWKvnbpxVLDEAR%2Bf8QvI%2FA%3D
.lijit.com/ Name: _ljtrtb_80
Value: LOYFSBD2-20-CNOC
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: f9cd3e0c-ea9d-4e07-9460-025a748c7df8
.prebid.a-mo.net/ Name: sd_amuid2
Value: f9cd3e0c-ea9d-4e07-9460-025a748c7df8
.hb.yahoo.net/ Name: visitor-id
Value: 3429741886634661000V10
.hb.yahoo.net/ Name: data-mag
Value: LOYFSBD2-20-CNOC~~63
.pippio.com/ Name: did
Value: ilPVxqDOM5Qb24G-
.pippio.com/ Name: didts
Value: 1699972588
.pippio.com/ Name: nnls
Value:
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: fjWKL3AxpF
.sharethrough.com/ Name: stx_user_id
Value: dc42133a-57ad-4d4e-a4a3-88c97df684bb
.intentiq.com/ Name: intentIQCDate
Value: 1699972588216
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdmF4amRD
.intentiq.com/ Name: IQPData
Value: 1611266346#1699972588214#0#1699972588214
.pubmatic.com/ Name: SPugT
Value: 1699972589
.onetag-sys.com/ Name: OTP
Value: Ky9OWKh3rA_8rBVq0GNFT7mzBzdzDmigsTEPh5mi4Io
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231114%22%2C%22141%22%3A%2220231114%22%2C%22143%22%3A%2220231114%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6041073707268864632&KRTB&23339-6041073707268864632
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-61646941-44f5-4768-b56c-8ed88233b33f&KRTB&23011-61646941-44f5-4768-b56c-8ed88233b33f&KRTB&23355-61646941-44f5-4768-b56c-8ed88233b33f
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_cd3e3df23eea457791e56
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2f1q:18vk~2f1q:19e0~2f1q:194o~2f1q"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVOF7QADxRszbgBi
.media.net/ Name: visitor-id
Value: 3429741896634667000V10
.sitescout.com/ Name: ssi
Value: 8db61b50-8bbe-4753-94ff-68431ae9b4b7#1699972589734
.mathtag.com/ Name: uuid
Value: 5ae26553-85ed-4b00-bcf7-a926dde33ab4
.kargo.com/ Name: ktcid
Value: 053b6063-f190-0169-5e52-fab66a351898
.bfmio.com/ Name: __187_cid
Value: 1AC48E06-36FA-4C9B-A79E-A2A44F58EB63
.bfmio.com/ Name: __io_cid
Value: 5c5c360f23e843de2329987612cb444372493ad5
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5OTk3MjU4OTgxMX0
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw81VUb0YcA2xq4F8d%2F%2B2UhK2Qw9VgjOdkVZC2yyiCZcovXFyBLHyRyFmCLu%2B9%2BSqxswXTlCrENRdWhjYxmJ2OPMhi0ft4PJMvFCug5PZLZweeyv8qvdZVywCpxInzVWZuxw%3D%3D
.thrtle.com/ Name: mc
Value: eyJpZCI6IjMzOTIzYWE5LWM1NWMtNDMxZS1hMWNmLTA1OTQxMDNkN2FiYSIsImwiOjE2OTk5NzI1ODk4MTQsInQiOjF9
.eqads.com/ Name: EQUser
Value: UID=141348c9-bfe6-4d9e-9b67-989f1de95576
.demdex.net/ Name: demdex
Value: 27489882098254010643202520436200328467
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8db61b50-8bbe-4753-94ff-68431ae9b4b7-655385ed-5553&KRTB&23418-8db61b50-8bbe-4753-94ff-68431ae9b4b7-655385ed-5553
.mxptint.net/ Name: mxpim
Value: R33647_10C2380A3_3262692F.1.0000000000000000655385ED
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiGkrrho8qyPBAFEhQKBXRhcGFkEgsI_t6I46PKsjwQBRIZCgpsaXZlaW50ZW50EgsIovy99qPKsjwQBRgBIAEoAjILCOb6o6S6yrI8EAU4AVoLYWRjb25kdWN0b3JgAg..
.adgrx.com/ Name: ADGRX_UID
Value: 32f8fcbe-82fb-11ee-b5a7-6398c517eefc
.dpm.demdex.net/ Name: dpm
Value: 27489882098254010643202520436200328467
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_10C2380A3_3262692F&KRTB&23092-R33647_10C2380A3_3262692F
.postrelease.com/ Name: visitor
Value: c1bc6491-9583-4497-9cdb-51e9e9c4fa78
.postrelease.com/ Name: status
Value: 1
.media.net/ Name: data-ze
Value: iuuSt-dd1FqWX4OJZZG3~~1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005%22%7D
.go.sonobi.com/ Name: __uis
Value: e3757e4c-5ac4-4d51-a40a-4328e5edd2d5
.go.sonobi.com/ Name: HAPLB8G
Value: s8640|ZVOF8
.media.net/ Name: data-c
Value: be5b6f8e-9606-4bdc-af6a-2f18d4ce6ff8~~1
.media.net/ Name: data-c-ts
Value: 1699972589
.media.net/ Name: data-o
Value: 577ce8d0-d293-0501-2445-9ee7646bd544~~8
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 154829677e350fff
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-32f8fcbe-82fb-11ee-b5a7-6398c517eefc&KRTB&23275-32f8fcbe-82fb-11ee-b5a7-6398c517eefc
.media.net/ Name: data-rk
Value: 1797288127491930335~~8
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGqPkneKAMYQMeZxTnAAAAAAA&KRTB&22713-AAAGqPkneKAMYQMeZxTnAAAAAAA&KRTB&22715-AAAGqPkneKAMYQMeZxTnAAAAAAA&KRTB&23519-AAAGqPkneKAMYQMeZxTnAAAAAAA
.mfadsrvr.com/ Name: tuuid
Value: ae5bd358-524a-408c-bd78-ca63d1560e62
.mfadsrvr.com/ Name: c
Value: 1699972589
.mfadsrvr.com/ Name: tuuid_lu
Value: 1699972589
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3614904188678941106&KRTB&23150-3614904188678941106&KRTB&23527-3614904188678941106
.adotmob.com/ Name: uid
Value: 09cc2204000d2ba0d880536c
.adotmob.com/ Name: uuid
Value: 09cc2204000d2ba0d880536c
.adotmob.com/ Name: partners
Value: AYL%3A1699972589914
.w55c.net/ Name: wfivefivec
Value: AGJjbQI31R2UwJ5
.media.net/ Name: data-rbh
Value: dXzzpCm8pVf_wLB3tMdrVJULGCE500aRHbl0jqOup1w~~1
.media.net/ Name: data-so
Value: e3757e4c-5ac4-4d51-a40a-4328e5edd2d5~~8
.mfadsrvr.com/ Name: ssh
Value: !medianet,1699972589
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-r1
Value: RX-1ae1f1fb-4d1a-4dd1-ae55-a26ecf5f9b7d-005~~8
.media.net/ Name: data-bs
Value: 2b154613-a2ec-4d70-a2eb-98faeef7a3d3~~1
.media.net/ Name: data-r
Value: LOYFSBD2-20-CNOC~~1
.media.net/ Name: data-mf
Value: ae5bd358-524a-408c-bd78-ca63d1560e62~~1
.media.net/ Name: data-g
Value: CAESEJK9AD6ePoNQWfTPldaeClc~~8
.media.net/ Name: data-xu
Value: AGJjbQI31R2UwJ5~~8
.ads.stickyadstv.com/ Name: UID
Value: 8a42d81b36e9915b705a76772136146
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 2eb7ec0e-2bbb-523e-894d-83b5ec1e065b
.betweendigital.com/ Name: ss
Value: 1
.smartadserver.com/ Name: csync
Value: 76:CAESEODsJjiE5cdqHwmo0HJe5Jc|86:6041073707268864632
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_37
Value: dead61bc-78a4-30d5-80da-28d40350beb8
.technoratimedia.com/ Name: tads_uidp_44
Value: LOY8LGRA-23-4JMH
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 8293362521737376018
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAF_4JB3EfnkQMAnaXCAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 2a3a694f-32b5-4521-8ac5-c41501ad7e2b
.technoratimedia.com/ Name: tads_uidp_61
Value: 212344688389481
.technoratimedia.com/ Name: tads_uidp_62
Value: 3429620956573232000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: InBnLXc55f0T2dxu1xer2k5ps7sDA4jh
.technoratimedia.com/ Name: tads_uidp_7
Value: 13a8a394-e3a8-4349-a34e-e8969022f70e
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_73
Value: AACGxE7KpwwAABMX00rB8w
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-65345790-3efb-4796-87e0-61847bf84494-005
.technoratimedia.com/ Name: tads_uidp_77
Value: XQaX5_bIKi1t2gN0cuoVcPhME6WwONmTgrwxGPVYAcs
.technoratimedia.com/ Name: tads_uidp_79
Value: d184f149-ad41-464b-a5e4-8678a51cafa3
.technoratimedia.com/ Name: tads_uidp_80
Value: y-CdnCFVlE2uFlzWILCFXxylWYPcTU8aap~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZVNWvo7UHuqXwVTp3HTZOgAA&1233
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_88
Value: 1414769480067622427016
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uid
Value: F90811F7D6314A85920B1BF54471AE23
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231009004227+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nzl|7dN.0.AACGxE7KpwwAABMX00rB8w|7bq.0.1
.rubiconproject.com/ Name: audit
Value: 1|aT9vN1p5eYUgA+aOpjSzNY2TtGmSPJk6OcpZ6H8eatbhj9K5Ghav9fBJm7/Enml1frfh3Xe/bN3qFTrNE4+z9rxKcI79UbrhPi38Q7tiQHa+ylV6cuCuehSlhZWsoOn4Tc5gaaihuXs=
.betweendigital.com/ Name: ut
Value: ZVOF7gADHODsEEh2o0-ZCLQ2y6BcvZAkQK1_xQ==
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACGxE7KpwwAABMX00rB8w
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMIQ6AMBBE0ZBgUT1HSbu7ZXa4TRvSAyGRSCQnxEGQT_x_D1NeSEIKkyZc42snTPcAd4qhIwJNo6lobNVrpHTZWCBstr4RZnMvIuUI3wmeeP6c0wODzZbBegAAAA
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1701129600%3A263_201_245%7C1700870400%3A257%7C1701043200%3A262_258_261_256_260_259%7C1700524800%3A253_265_252%7C1700006400%3A255_248
.pubmatic.com/ Name: SyncRTB3
Value: 1701129600%3A48_220_214_234_196_35_249_13_7_21_54_250%7C1701043200%3A3_56_166_233_104_55_8_264_71_46_176_22_178_240_231_165_5%7C1700524800%3A223_2%7C1700697600%3A63%7C1700438400%3A15%7C1702512000%3A224
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1797288127491930335
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-vx14wWBVUUhNaK1m_OcDKWAJ-So&KRTB&23334-vx14wWBVUUhNaK1m_OcDKWAJ-So&KRTB&23417-vx14wWBVUUhNaK1m_OcDKWAJ-So&KRTB&23426-vx14wWBVUUhNaK1m_OcDKWAJ-So
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:AGJjbQI31R2UwJ5&KRTB&23421-uid:AGJjbQI31R2UwJ5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5695382660300420470&KRTB&23263-5695382660300420470&KRTB&23481-5695382660300420470
.rlcdn.com/ Name: rlas3
Value: +1M+lRSs3KLV9guI7l7DuYFUWlgq21MbfAnObPjmqeo=
.rlcdn.com/ Name: pxrc
Value: COuLzqoGEgUI6EcQAxIGCJC8KxAA
.tribalfusion.com/ Name: ANON_ID
Value: a1nv7yMwTkE6XlypqtMSXU7TOcZdOb7a7QF3ZbBdYHMkTHrfZbl3ZcZbqAGTyrZcRKj6VEZd2vbkrVjtLfwQ2vpZdSQ2U33VTZaKcw7asp9wTnQ2MBXrr7YmlfjZd4
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:iuuSt-dd1FqWX4OJZZG3&KRTB&23513-uid:iuuSt-dd1FqWX4OJZZG3&KRTB&23537-uid:iuuSt-dd1FqWX4OJZZG3
.pippio.com/ Name: pxrc
Value: CO6LzqoGEgYI36wrEAA=
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:5ae26553-85ed-4b00-bcf7-a926dde33ab4
.quantserve.com/ Name: d
Value: ENwBCwG2KvijAA
.quantserve.com/ Name: mc
Value: 655385ee-664b0-97cdd-79d38
.ctnsnet.com/ Name: cid
Value: 0bd8003337fd467d89666fd22c6e50eb
.acuityplatform.com/ Name: auid
Value: 852393758830
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRXNIMluWmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVzSDJblo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.media.net/ Name: data-ttd
Value: e84688e5-4eb0-4717-a45b-9a49b557efa5~~1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It&KRTB&19420-5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It&KRTB&22979-5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It&KRTB&23462-5au4e-ur6C3-qLt8sa6gceT96Sz-qbQs4Kb3F3It
.adstanding.com/ Name: _adstanding_id
Value: 9ad21713ece31f7407ebd8f261287fbb
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 8eaba225783ccdc8fc3dbc0d9f49e49
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-822d0342-5cc7-4137-baf6-60ca94b1d679&KRTB&23340-822d0342-5cc7-4137-baf6-60ca94b1d679&KRTB&23498-822d0342-5cc7-4137-baf6-60ca94b1d679
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2b154613-a2ec-4d70-a2eb-98faeef7a3d3
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 970089b4-5f70-4103-9679-788eec8465ea
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 9aypg%2Bygpyzq%2B5alTb%2F79CHAkAzNW%2B2OD1ioV9V5EXTqzSqI1MI61rxujuNPyz73dZmG4i%2BIMm0KhHWJKDGXNw%3D%3D
.adx.opera.com/ Name: UID
Value: OPU5cd9caa4c5e743c39c9c8f2494bb37b8
.csync.loopme.me/ Name: viewer_token
Value: 1982a0aa-681f-48d2-9069-eb14ecf3da64
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU5cd9caa4c5e743c39c9c8f2494bb37b8&KRTB&23485-OPU5cd9caa4c5e743c39c9c8f2494bb37b8&KRTB&23524-OPU5cd9caa4c5e743c39c9c8f2494bb37b8
.pubmatic.com/ Name: PugT
Value: 1699942042
tjoose-by-santander.softonic.com.br/ Name: _dd_s
Value: rum=0&expire=1699973486208

4 Console Messages

Source Level URL
Text
other warning URL: https://www.google.com/adsense/search/ads.js(Line 211)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%201AC48E06-36FA-4C9B-A79E-A2A44F58EB63&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=852393758830
Message:
Failed to load resource: the server responded with a status of 502 ()
javascript warning URL: https://tjoose-by-santander.softonic.com.br/android
Message:
The resource https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/11b12502-f860-4aa9-bab7-934cbb4a98aa/980041143/tjoose-by-santander-screenshot was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12325200.fls.doubleclick.net
8876029.fls.doubleclick.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
ampcid.google.com
analytics.google.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
articles-img.sftcdn.net
b1sync.zemanta.com
bc196902c12079ff9bf29d6070efe5ed.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bpi.rtactivate.com
brightcombid.marphezis.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.indexww.com
ce.lijit.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
crb.kargo.com
creativecdn.com
cs.media.net
cs.yellowblue.io
csync.loopme.me
csync.smilewanted.com
d.turn.com
data.adsrvr.org
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.sftcdn.net
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
live.rezync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
notix.io
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
sc.sftcdn.net
sdk.privacy-center.org
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
softonic.com.br
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
storage.googleapis.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tg.socdm.com
thrtle.com
tjoose-by-santander.softonic.com.br
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
visitor-us-west-2.omnitagjs.com
visitor.omnitagjs.com
www.adsensecustomsearchads.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.mrtnsvr.com
p.adsymptotic.com
sync.richaudience.com
104.18.35.167
104.18.38.76
104.36.115.111
107.178.254.65
124.146.153.162
13.249.181.27
13.249.190.82
130.211.23.194
139.45.240.92
147.75.198.144
15.197.193.217
151.101.193.91
151.101.65.108
151.101.66.49
162.19.138.119
162.19.138.120
162.248.18.37
172.217.13.102
172.217.13.194
172.217.13.198
172.64.146.152
172.64.151.101
172.67.10.198
173.231.178.115
178.128.135.204
18.161.23.84
18.161.31.77
18.161.34.37
18.205.170.196
18.233.15.134
18.239.168.37
18.239.168.67
185.167.164.39
185.184.8.90
188.42.34.64
192.132.33.67
198.148.27.131
199.127.204.142
199.38.167.130
2001:4860:4802:34::181
204.2.226.29
207.198.113.88
208.115.232.150
213.19.162.90
216.22.16.5
23.1.200.83
23.195.92.23
23.195.94.138
23.220.188.219
23.40.179.63
23.56.220.66
23.83.76.106
2600:141b:1c00:19::17c8:580c
2600:141b:1c00:488::29cc
2600:1901:0:8344::
2600:1f18:4e9:5a02:a344:818b:7db4:692b
2600:1f18:ed:550f:8363:f8d9:31ef:349f
2600:9000:2209:9200:1b:6b7d:2300:93a1
2600:9000:24eb:8800:5:b7cc:d3c0:93a1
2600:9000:24ef:d400:1a:5235:f980:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::6816:4ad8
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700::6812:18ad
2606:ae80:1451:20::1690
2607:f8b0:4004:c08::9d
2607:f8b0:4020:804::2002
2607:f8b0:4020:804::200e
2607:f8b0:4020:804::201b
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200e
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
3.138.212.158
3.223.229.49
3.225.65.162
3.229.232.144
34.111.113.62
34.120.63.153
34.149.50.64
34.195.156.160
34.196.172.118
34.200.65.202
34.231.99.255
34.252.126.63
34.98.64.218
35.172.99.217
35.186.193.173
35.190.60.146
35.194.66.159
35.207.24.140
35.208.249.213
35.211.178.172
35.214.180.112
35.227.233.104
38.91.45.7
40.76.134.238
44.205.140.116
44.216.205.237
44.227.56.135
45.137.176.88
5.161.124.197
50.17.251.244
50.31.142.191
51.222.239.232
52.200.68.59
52.205.149.190
52.206.205.175
52.223.22.214
52.223.40.198
52.23.71.199
52.46.128.147
52.7.162.39
52.73.146.218
54.144.102.175
54.152.44.123
54.156.21.254
54.208.7.195
54.239.38.253
63.251.28.133
63.251.86.51
68.67.160.137
69.166.1.34
69.173.151.100
69.90.254.78
74.119.119.150
74.121.140.211
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
82.145.213.8
0070aef6f01ceef01dd68aff81c20df0e7fbbf64bb6a51071532526f1f0f2636
0148f8f91e2ef35d38ba66c9e01f3deeab27bfedcddc77cd782908c401ac9ca8
01e63f4daa8075e8ee7533216e9039ad1aba872251ff6b8ca0d6f7aa31484862
034a557c4063abff5a04c474a6b2c5d8f6eb5557ab011ec443e2c946180253b7
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0416717013a7e911bf0dead98aa3c1062d686c9fc21a3f2b6c8625fdea5139e5
0429096e9d4d09f35c22663f0082dc51d46c915425e1a9df0ec6a789ade7eed5
046a05c4250f887f16e59595cd67caa6bf011721086e45255eafe1a487f249be
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0ab6d70568362d41ca559b8990fdf0a2e5dccb939e199866ca99ede2d225649d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1083d4fdfd27206b20f4a7d55701f1317cfed551cfec6afb92b236e3ddbf5f20
119c4986c68a9febdfeba43085fc1aa7e2bfb3c143195685ef681f25a0f655ce
11e9593a95c81170f43608d42ed25f23c3b958f91406f30e3908a07a7267ff83
16203690fe9fed36f4a66bfb6c25b8a21f3770f7da59f169b581b0ed6215c7c3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a0161c0348e9c0e6143dca8dac6a3b580187ee5c89a135b13a9250fd82fbc5f
1b590a7197e26e8e6e406a81b6ff35d90f1b1392fdf567823110f5b859b244ee
1c53dda67016a83a63697272a609e9ffddbf2c0dc2f67234f6619d954f1d78ee
1c996febe2406193a8f4f29f33e6368f1ac678773895375fa183cfa2fabe6195
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
21de929c857298edc2134954baf9214565858a35f4c8fda32885931e475d01ae
239b77a96aecdf55b7953dc5f142d4397f48dd5c7f8e9490a0057110a8a18cb9
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689
2bcccea02498d9f7d3e7c25a4a3ff7a53e531e74722ce2925203dd1bcfc0cef2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa690c80cd253d0dfb652c7ae2c66dc7af9f2184e59f1c3f2337ce981879d77
307a3236071f8a1bc2f3847c107a0922f903757f85443fbcc9dbda6a841357e7
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
30db4bd04faf232260ad8349b7a55ccb08474282427146689f3ded47592f0033
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34f1068c21defa09b1d847fe78418dddf91d7a99beb71911b1655c01e0fc7770
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37868238086f6f0f1d939303bdc5d31419fd4082a92013694fb67108ebf49f63
3878d5426a1e7aa26057a84fbc854e1c63c6671a78739dacbb9d522150dc5b10
3b20eac36676f9f9c129d76d455fe0cdf699988d57dca52a3e21fcc239018ae7
3ba72a79f8fa7909b695e25ab0fd636f496ebd6acfdc80919c88b571d3c23b43
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db5a2e268a0f2ef20820cd5cdc1de6b4e2b5ab94f43755517bbc0cc1cf26c54
3e19577d1642bd7dc4c37887d92c5561eca64de177d9bbee84d37e59511b70ed
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edfbc46685f6b4a7652dd6394237067f0a481d6631b1951a016a00e05058306
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40951b05c07e842e09c54e28714d00bef0bc9a2edff2f32fc4ea710df819f4f8
413260592943e213ded265a5101b24183a3f545ad847af4b32b68bdd117891f8
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
42f312d5df0850c52e11834412050dda2f4618076fcd386c2b99936209d0497b
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
4545056e218b4b36a0cacc2701d322d77b3d5d847ca0e0393c4a18bb04149337
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c19dcd9f53f03c17141f98823934c46a9432aa7b218ec772dd0a22724891daa
4c99596368ded9b9e108379675d46afea522b61c721842cf1dc447cc444d3b3b
4ca3a346b66b1767b7782331e19e549015193a182d52cbebb09470b06f44ee43
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1c1ed318f5d319596748cc47bcd0dee2b8790dca9deed9852444226854e2b2
4f1565e97106fd06ee8f2901f0fb95ca1e0fcd29b48211fbc0f3e07cbaf24214
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f7687059311ddad229a15ce7fd969ea348d8d0461e971b44176460b133d9f04
5034c73d02021c531e7987c171d786d73f1a9a8276d61141cdcdc7879ef21f8a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a45ec35ac23a016290f2964ede5f727495f0855f0729f3188b407145c3e9f7f
5b015739fad6215c2bb2a87f50c723282d681988a9f5f7f8362b60de9939fe12
5fe99688d559015c9dc44b41639d3eab48c2020546e398d4769414c7d3f321e1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6535b5d71e2c0af62fbafe2558bac3b11ca13471da1a6a9a27bd2144ee3c6fd9
674126927fc062ff50e3570cad0bbc72e2339d1d9c8d01b2c0bf69ae19c93337
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cb6aab814bb4585646220e471f0a9345bb859e9acced6fc4736b782167e0a9f
6fbfd9f15b571ccec952647d4fd91e45b42c67b372b042cb9404d00a8d9fac07
7242670019dd184928226c4c3344d241bc5f3637c74678ce2ec5e8a6caf52f6c
727bd766f9994591dc127b1570f83dd84fe356a3804f584ccc4f1dad4c52bc00
72b234bf0d770182927eabe10f5c05bfb3e5b6fbe9e589628a281bdd14fc56a5
75e69cf6adf7a697cd6900d8eae011f738a1b1c09bdbf264b8e8c3e220913715
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
793f95e0d1a441215cf5747dfca075efdc4bfcba0a7409c8256b46f94365719a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a141761051f2f24406aa51662d2e2bc078e4050d2697819eafc6899d1972611
7a354c3fe4fb6a7ac3f42c77578e1c4739c900b37a6868bb7b8eb420868c6a2c
7b77edc231eac7d0acf71e748cb2a3a0b2de0029ff7b35ca9265ce23364b9996
7e01c9991f2412425d9b0c2def715b19ff34a4a6f1371568e3131d0a0d0f4992
7e246fd2a4cb8e1634db463b3828532c249d55b60895191a635ff3ef59fe17ea
7ed31a5c041115c571d51c8045c775e62b6a49d5a1d077b73c936b136987f75a
8019ed3077c04437742837e3b06627ae4cf751aaab2cfda96678eb7676704829
80bb73a90ab868182222fd3d4bc856e4d09c90e2db8bb64114df261006b6478c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
863066ca0bca9f6cec60f46e02e79ef6bb3f349a00127d0392341d30492b0d81
86c5b1f77ab91e3396d104707ae2e18771892068ee9b4645a78463c83b82308f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
91f41aa20e1cad87814f281a628c2c35781bf15b06e562b4827fd647d2bf1bc7
936c72756ec70e501fedf3c4d09bc25d375691c63d93bdfd7b0bdd4be52d41e6
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
947b2326227ef746a20cc00a8faa2d7484be02651a1e31a7db15079665eef79e
9836d6ac2e15977d74da230eec15344d87903c825a6364b029cdc3915fd25198
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
9ba83a2fefc5d3c424bd9f4a424826d63db2db84612ac70f4cc8ff19f67267b2
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f5277de7c2235367b581e14a15b6ceca430cdcbccadecb2f52c8bf0d5a9a80d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a20346abd6a3d921126e370fd651d17df742c597a6071a6bc02b664311100a22
a32da315e07f85aeae94e9563c70977912547645b445a8b5c1add767954e63b5
a5be651e2053a2ba14f764e87635a65bd269eaaf3bfd2c8c08ad042d8f72f43f
a9fc51a0cb088e97319e0acf0c8384129336d95863d623b2237073f76c3fc408
aa4f3bcc348ada237ef33045f90bd8a45b8303a51da574425d00e203a393716c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad28aedc3aa613cbb7675258a3eb1220c740a3e13c35f4fd27469e540b322cc1
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b10d7810157d2c66c506d22f3452e8ebfdf88946684f048568f68de6684e15cb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba878e7d2be16e9ed37d51e1bfaad2bc8ce7c939175c8b8576e3433cf550bbf7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c10bd9250f073f419b268153557c35a4cce7e1aebae956b7c40358c36e77937e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e
c862608be54079ca26fc5c4c53c43165c7680a67e0eef36405c306195da5aac3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d006048561ac8b95a6f79cc150cb04c8f5b0ecb7db84299c5cd42775d5fc6a20
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9f645e67d6c732565b0b0b88fa6e5b55ca65191ca1d3533f41dff25e0f9b34e
da6493e5bb27549a2c3795b770b485609f525aa5b308e5f04a2ac52cd5df9e0e
db4f627ec82da857aca995194ad2df308a775cacae0380e615e764919cda3e02
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dceef15adeed016003cf3eaf36a4dc080f829ab0d13adf679ea9c04a83eb72a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e108dd2a173e163eb49c2f620107f38e021d92e670f23c6ed226aeb29abfef09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f1ccbc9149f6ce4cf24550e43535461c89090cb7eec31c0bdb04c241c2635e
e9589f19a5ba6221c286b7e0f85e7aec703a59391457a76ac64784470fc40e29
e98b2bc28e90e0618719d099de8ea22a6ce9207d2fef27944762ba9af9d0d92a
ece27dff32566f39f488c688f4d10e210db169e7ade7adf50d8413f729af9758
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bac7f6375703c2d5ec4acd3150dc9664121a100b70de1d97336597873551c1
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f5a1a648021e5b69e5d3c55f867f9be61f8c99c91fe29fa8fda68a15ce8674f5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7e4cfab299bcd15cad2ab2e6728a4f2da0bcc9ec11263c0965c5992f8e45d9c
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb
f9f15efa0e265d3b1d84b31763821e78b6614c3eac7c7d3809ba810de0befa38
fc665ab3b4a1f15099038b1fce905508beb0e8ab5515793a5a314c596ada40d8
fc9c8493ddd5019d476ce812f879f14c10cd28a2a6f8391a381455d9e9354e4c