urlscan.io logo urlscan.io
SecurityTrails logo

www.dicio.com.br Open in urlscan Pro
167.114.102.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dicio.com.br/
Effective URL: https://www.dicio.com.br/
Submission: On June 16 via manual from PT — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 164 IPs in 15 countries across 160 domains to perform 1381 HTTP transactions. The main IP is 167.114.102.18, located in Montreal, Canada and belongs to OVH, FR. The main domain is www.dicio.com.br. The Cisco Umbrella rank of the primary domain is 165798.
TLS certificate: Issued by R3 on May 30th 2023. Valid for: 3 months.
This is the only time www.dicio.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 167.114.102.18 16276 (OVH)
24 2a02:6ea0:c45... 60068 (CDN77 ^_^)
4 2606:4700::68... 13335 (CLOUDFLAR...)
18 2607:f8b0:402... 15169 (GOOGLE)
2 2600:1901:1:c... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
8 143.204.151.99 16509 (AMAZON-02)
1 144.217.229.192 16276 (OVH)
2 9 13.35.93.51 16509 (AMAZON-02)
9 2a04:4e42:79:... 54113 (FASTLY)
5 2a04:4e42:79:... 54113 (FASTLY)
1 13.35.93.37 16509 (AMAZON-02)
1 23.39.253.208 20940 (AKAMAI-ASN1)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2607:f8b0:402... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.164.107.227 16509 (AMAZON-02)
15 2620:100:a001::4 19750 (AS-CRITEO)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 108.138.128.46 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
1 2600:9000:251... 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 2607:f8b0:402... 15169 (GOOGLE)
1 52.85.61.52 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:402... 15169 (GOOGLE)
2 2600:1901:0:5... 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2600:1901:1:b... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
10 21 2620:100:a001::c 19750 (AS-CRITEO)
3 5 141.95.98.64 16276 (OVH)
46 2607:f8b0:402... 15169 (GOOGLE)
3 52.86.219.236 14618 (AMAZON-AES)
2 38 52.46.128.147 16509 (AMAZON-02)
5 2607:f8b0:402... 15169 (GOOGLE)
11 74.119.119.139 19750 (AS-CRITEO)
2 6 34.98.64.218 396982 (GOOGLE-CL...)
6 2607:f8b0:402... 15169 (GOOGLE)
4 13 2600:1f18:4e9... 14618 (AMAZON-AES)
17 18 3.33.220.150 16509 (AMAZON-02)
39 194 172.217.13.162 15169 (GOOGLE)
49 49 35.211.178.172 15169 (GOOGLE)
4 4 100.25.122.4 14618 (AMAZON-AES)
1 10 184.24.36.23 16625 (AKAMAI-AS)
14 14 52.22.231.91 14618 (AMAZON-AES)
2 51.222.239.232 16276 (OVH)
10 10 35.236.220.17 396982 (GOOGLE-CL...)
16 16 70.42.32.159 13789 (INTERNAP-...)
1 3.226.160.148 14618 (AMAZON-AES)
5 81 192.40.39.223 27381 (CASALE-MEDIA)
5 5 216.22.16.4 30633 (LEASEWEB-...)
14 14 2606:ae80:145... 25751 (VALUECLICK)
30 23.220.188.195 16625 (AKAMAI-AS)
40 23.192.31.127 16625 (AKAMAI-AS)
13 16 3.225.218.10 14618 (AMAZON-AES)
30 39 72.251.238.254 32475 (SINGLEHOP...)
1 100 63.251.86.50 10913 (INTERNAP-BLK)
4 8 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
16 17 68.67.160.76 29990 (ASN-APPNEX)
7 47 35.244.159.8 15169 (GOOGLE)
7 7 2620:112:f002... 6336 (TURN-US-ASN)
5 6 151.101.2.49 54113 (FASTLY)
7 7 68.67.160.132 29990 (ASN-APPNEX)
1 20 52.207.45.55 14618 (AMAZON-AES)
2 2 52.203.174.216 14618 (AMAZON-AES)
5 5 52.0.31.80 14618 (AMAZON-AES)
8 10 23.3.115.129 16625 (AKAMAI-AS)
6 6 198.148.27.140 19189 (PULSEPOINT)
3 3 64.202.112.191 22075 (AS-OUTBRAIN)
1 3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 54.243.211.206 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
2 3 169.197.150.8 398989 (DEEPINTENT)
1 174.137.133.32 27257 (WEBAIR-IN...)
1 8.2.111.13 46636 (NATCOWEB)
10 10 216.200.232.253 30419 (MEDIAMATH...)
13 19 8.43.72.97 26667 (RUBICONPR...)
3 14 104.36.115.113 62713 (AS-PUBMATIC)
1 1 124.146.215.42 2514 (INFOSPHER...)
1 1 80.77.87.163 46636 (NATCOWEB)
10 18 185.184.8.90 204995 (RTB-HOUSE...)
1 6 54.85.104.179 14618 (AMAZON-AES)
4 4 104.102.111.7 16625 (AKAMAI-AS)
7 7 35.207.24.140 15169 (GOOGLE)
1 1 213.19.162.80 26667 (RUBICONPR...)
9 13.225.214.87 16509 (AMAZON-02)
10 10 69.173.151.100 26667 (RUBICONPR...)
5 8 34.111.113.62 396982 (GOOGLE-CL...)
5 26 52.223.22.214 16509 (AMAZON-02)
1 2 3.233.21.199 14618 (AMAZON-AES)
2 35 8.28.7.83 62713 (AS-PUBMATIC)
1 52.95.126.138 16509 (AMAZON-02)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2602:803:c002... 26667 (RUBICONPR...)
1 208.115.232.150 46475 (LIMESTONE...)
16 23.105.12.144 30633 (LEASEWEB-...)
8 104.18.24.185 13335 (CLOUDFLAR...)
9 104.36.115.111 62713 (AS-PUBMATIC)
8 2620:100:a001... 19750 (AS-CRITEO)
4 13.225.63.107 16509 (AMAZON-02)
39 2607:f8b0:402... 15169 (GOOGLE)
1 34.225.41.163 14618 (AMAZON-AES)
1 2600:9000:21d... 16509 (AMAZON-02)
1 2600:9000:214... 16509 (AMAZON-02)
26 18.206.31.91 14618 (AMAZON-AES)
11 23.220.189.155 16625 (AKAMAI-AS)
7 2602:803:c002... 26667 (RUBICONPR...)
19 2607:f8b0:400... 15169 (GOOGLE)
1 2 146.20.128.169 27357 (RACKSPACE)
1 2 23.52.160.7 16625 (AKAMAI-AS)
2 6 162.248.18.34 62713 (AS-PUBMATIC)
1 52.44.30.82 14618 (AMAZON-AES)
86 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1f18:612... 14618 (AMAZON-AES)
3 4 192.35.249.137 11742 (SPOTX-IAD)
17 172.217.13.98 15169 (GOOGLE)
1 3 63.251.28.234 13789 (INTERNAP-...)
7 39 23.105.12.150 30633 (LEASEWEB-...)
6 6 199.38.167.130 54312 (ROCKETFUEL)
1 44.209.177.129 14618 (AMAZON-AES)
1 54.204.174.60 14618 (AMAZON-AES)
1 54.170.109.87 16509 (AMAZON-02)
3 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 44.208.128.231 14618 (AMAZON-AES)
1 202.233.84.1 131957 (MICROAD M...)
2 2 69.166.1.12 27630 (AS-XFERNET)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
8 104.18.10.47 13335 (CLOUDFLAR...)
21 21 2620:116:800b... 14618 (AMAZON-AES)
4 2600:1f18:1c9... 14618 (AMAZON-AES)
2 2 18.224.253.134 16509 (AMAZON-02)
8 168.119.72.236 24940 (HETZNER-AS)
1 15.235.42.103 16276 (OVH)
6 7 35.214.161.112 15169 (GOOGLE)
5 5 74.119.119.150 19750 (AS-CRITEO)
2 2 2600:9000:220... 16509 (AMAZON-02)
3 4 34.200.58.84 14618 (AMAZON-AES)
12 12 207.198.113.86 13768 (COGECO-PEER1)
1 1 23.235.251.213 19437 (SS-ASH)
8 8 3.233.84.12 14618 (AMAZON-AES)
29 34 199.127.204.171 26120 (RHYTHMONE)
10 13 34.96.105.8 396982 (GOOGLE-CL...)
5 5 69.90.254.78 13768 (COGECO-PEER1)
1 2 44.213.57.151 14618 (AMAZON-AES)
2 2 35.210.53.219 15169 (GOOGLE)
10 11 185.167.164.49 198622 (ADFORM)
2 3 35.186.253.211 15169 (GOOGLE)
1 1 107.22.93.74 14618 (AMAZON-AES)
5 7 52.44.244.58 14618 (AMAZON-AES)
8 8 34.96.71.22 396982 (GOOGLE-CL...)
11 14 173.231.178.83 32475 (SINGLEHOP...)
8 104.18.11.47 13335 (CLOUDFLAR...)
2 2 192.132.33.46 18568 (BIDTELLECT)
3 3 35.190.90.30 15169 (GOOGLE)
2 3 35.186.193.173 15169 (GOOGLE)
3 34.192.101.54 14618 (AMAZON-AES)
2 3 54.152.227.11 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 108.139.29.114 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 52.204.92.248 14618 (AMAZON-AES)
1 3 50.57.31.206 19994 (RACKSPACE)
3 4 38.98.69.175 174 (COGENT-174)
2 2 34.230.97.77 14618 (AMAZON-AES)
5 5 54.205.17.152 14618 (AMAZON-AES)
1 1 51.68.39.188 16276 (OVH)
2 4 3.227.128.167 14618 (AMAZON-AES)
20 23.52.163.93 16625 (AKAMAI-AS)
2 2 35.244.216.234 15169 (GOOGLE)
6 6 23.40.3.193 20940 (AKAMAI-ASN1)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 157.90.40.26 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
1 34.203.16.231 14618 (AMAZON-AES)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 37.157.6.254 198622 (ADFORM)
1 2 18.214.175.210 14618 (AMAZON-AES)
5 5 146.59.148.16 16276 (OVH)
2 2 50.16.197.56 14618 (AMAZON-AES)
2 2 76.13.32.147 26101 (YAHOO-BF1)
1 158.69.248.161 16276 (OVH)
4 151.139.128.10 20446 (STACKPATH...)
16 141.94.202.176 16276 (OVH)
2 2620:1ec:48:1... 8075 (MICROSOFT...)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2 20.110.205.119 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
4 3.230.35.231 14618 (AMAZON-AES)
1 104.211.35.148 8075 (MICROSOFT...)
6 8 3.213.144.48 14618 (AMAZON-AES)
2 2 188.42.34.65 7979 (SERVERS-COM)
1 35.201.123.184 396982 (GOOGLE-CL...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
7 34.202.103.121 14618 (AMAZON-AES)
8 8 67.202.105.21 32748 (STEADFAST)
1 1 67.202.105.31 32748 (STEADFAST)
1 67.202.105.33 32748 (STEADFAST)
1 1 64.247.193.142 11320 (LIGHTEDGE...)
2 13 147.28.129.37 54825 (PACKET)
3 3 162.248.18.32 62713 (AS-PUBMATIC)
1 34.102.185.99 396982 (GOOGLE-CL...)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 2600:1f18:61c... 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 34.117.239.71 396982 (GOOGLE-CL...)
1 1 23.52.161.201 16625 (AKAMAI-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 37.157.6.243 198622 (ADFORM)
4 34.195.62.251 14618 (AMAZON-AES)
6 2404:6800:400... 15169 (GOOGLE)
2 142.251.167.154 15169 (GOOGLE)
1 1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
7 209.54.180.76 16509 (AMAZON-02)
1 8.28.7.92 62713 (AS-PUBMATIC)
1381 164
8    167.114.102.18 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ca.d.7gra.us
dicio.com.br
www.dicio.com.br
24    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
static.dicio.com.br
cdn.7gra.us
cdn.insurads.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
18    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)
open.spotify.com
2    2607:f8b0:4006:80c::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    143.204.151.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-151-99.ewr52.r.cloudfront.net
c.amazon-adsystem.com
1    144.217.229.192 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip192.ip-144-217-229.net
eu.7gra.us
9    13.35.93.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-51.jfk50.r.cloudfront.net
sb.scorecardresearch.com
9    2a04:4e42:79::763 (United States)

ASN54113 (FASTLY, US)
open.spotifycdn.com
5    2a04:4e42:79::760 (United States)

ASN54113 (FASTLY, US)
encore.scdn.co
i.scdn.co
1    13.35.93.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-37.jfk50.r.cloudfront.net
ats.rlcdn.com
1    23.39.253.208 (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-39-253-208.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
9    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
15    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2600:9000:2511:a800:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o22381.ingest.sentry.io
1    2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    52.85.61.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-52.ewr53.r.cloudfront.net
geo.privacymanager.io
1    2607:f8b0:4006:80d::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.ca
2    2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
apresolve.spotify.com
1    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2607:f8b0:4006:824::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
8    2600:1901:1:b99:: (United States)

ASN15169 (GOOGLE, US)
gue1-spclient.spotify.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
21    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
5    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
46    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
googleads.g.doubleclick.net
pubads.g.doubleclick.net
3    52.86.219.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-219-236.compute-1.amazonaws.com
bcp.crwdcntrl.net
38    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com
11    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
6    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
13    2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
18    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
194    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
ade.googlesyndication.com
49    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
4    100.25.122.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-122-4.compute-1.amazonaws.com
ad.360yield.com
10    184.24.36.23 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-36-23.deploy.static.akamaitechnologies.com
cs.media.net
warp.media.net
c21lg-d.media.net
lg3.media.net
hblg.media.net
14    52.22.231.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-231-91.compute-1.amazonaws.com
match.prod.bidr.io
2    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
10    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
16    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    3.226.160.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-160-148.compute-1.amazonaws.com
rtb.gumgum.com
81    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
ssum.casalemedia.com
5    216.22.16.4 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
14    2606:ae80:1451:21::440 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
openx2-match.dotomi.com
33across-match.dotomi.com
medianet-match.dotomi.com
30    23.220.188.195 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-188-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
40    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
16    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
39    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
100    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
8    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
17    68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
47    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
7    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
6    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
2    52.203.174.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-174-216.compute-1.amazonaws.com
t.pswec.com
5    52.0.31.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-31-80.compute-1.amazonaws.com
sync.srv.stackadapt.com
10    23.3.115.129 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-115-129.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
6    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    64.202.112.191 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    54.243.211.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-211-206.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
10    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
19    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
14    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
18    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
6    54.85.104.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-104-179.compute-1.amazonaws.com
dpm.demdex.net
4    104.102.111.7 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-111-7.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
7    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
rtb-use.mfadsrvr.com
1    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
9    13.225.214.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-87.ewr50.r.cloudfront.net
nucleads.com
10    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
8    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
26    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    3.233.21.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-21-199.compute-1.amazonaws.com
thrtle.com
35    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
8    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
16    23.105.12.144 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
prg.smartadserver.com
8    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
9    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
4    13.225.63.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-107.ewr53.r.cloudfront.net
ib.3lift.com
39    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.225.41.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-41-163.compute-1.amazonaws.com
tlx.3lift.com
1    2600:9000:21da:7600:6:1e88:a100:21 (United States)

ASN16509 (AMAZON-02, US)
d31otfhas71ais.cloudfront.net
1    2600:9000:2140:c200:17:b93b:fa40:21 (United States)

ASN16509 (AMAZON-02, US)
de9a11s35xj3d.cloudfront.net
26    18.206.31.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-31-91.compute-1.amazonaws.com
s.update.3lift.com
11    23.220.189.155 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-189-155.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
7    2602:803:c002:200::24 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
19    2607:f8b0:4006:81f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    146.20.128.169 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    23.52.160.7 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-7.deploy.static.akamaitechnologies.com
sync.teads.tv
6    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    52.44.30.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-30-82.compute-1.amazonaws.com
geo.moatads.com
86    2607:f8b0:4006:824::2006 (Flushing, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2600:1f18:612b:4232:ab07:9ca5:134e:3ac3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
4    192.35.249.137 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
17    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
googleads4.g.doubleclick.net
3    63.251.28.234 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
39    23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
6    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    44.209.177.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-177-129.compute-1.amazonaws.com
crb.kargo.com
1    54.204.174.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-174-60.compute-1.amazonaws.com
sync.bfmio.com
1    54.170.109.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-109-87.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
5    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    44.208.128.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-128-231.compute-1.amazonaws.com
ads.creative-serving.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
2    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
8    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
21    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
4    2600:1f18:1c96:4102:4bd7:5264:40b8:b37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
2    18.224.253.134 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-253-134.us-east-2.compute.amazonaws.com
sync.adotmob.com
8    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
1    15.235.42.103 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl
wt.rqtrk.eu
7    35.214.161.112 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 112.161.214.35.bc.googleusercontent.com
csync.loopme.me
5    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    2600:9000:2209:6000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    34.200.58.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-58-84.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
12    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    23.235.251.213 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
8    3.233.84.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-84-12.compute-1.amazonaws.com
aorta.clickagy.com
34    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
13    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
5    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
openx-ums.acuityplatform.com
2    44.213.57.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-57-151.compute-1.amazonaws.com
sync.crwdcntrl.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
11    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    107.22.93.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-93-74.compute-1.amazonaws.com
match.sharethrough.com
7    52.44.244.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-244-58.compute-1.amazonaws.com
a.audrte.com
8    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
14    173.231.178.83 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
8    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
3    34.192.101.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-101-54.compute-1.amazonaws.com
rtb.adentifi.com
3    54.152.227.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-227-11.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:573f:d88c:2bfe:75a9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    108.139.29.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-114.jfk50.r.cloudfront.net
aa.agkn.com
1    2606:4700::6812:16ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.204.92.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-92-248.compute-1.amazonaws.com
rtb.adstanding.com
3    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
4    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
oxp.mxptint.net
pmp.mxptint.net
2    34.230.97.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-97-77.compute-1.amazonaws.com
i.w55c.net
5    54.205.17.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-17-152.compute-1.amazonaws.com
pm.w55c.net
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
4    3.227.128.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-128-167.compute-1.amazonaws.com
um2.eqads.com
20    23.52.163.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    35.244.216.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.216.244.35.bc.googleusercontent.com
openx.adhaven.com
6    23.40.3.193 (Paris, France)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-3-193.deploy.static.akamaitechnologies.com
px.owneriq.net
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com
gocm.c.appier.net
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    157.90.40.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.40.90.157.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.203.16.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-16-231.compute-1.amazonaws.com
bpi.rtactivate.com
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.marketiq.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    18.214.175.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-175-210.compute-1.amazonaws.com
io.narrative.io
5    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loada.exelator.com
2    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
1    158.69.248.161 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns542920.ip-158-69-248.net
7gra.us
4    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
api.cazamba.com
cdn.cazamba.com
16    141.94.202.176 (France)

ASN16276 (OVH, FR)
PTR: ns31491888.ip-141-94-202.eu
amer.hhkld.com
hhkld.com
sync.hhkld.com
2    2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
3    2607:f8b0:4006:816::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    3.230.35.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-35-231.compute-1.amazonaws.com
as.cazamba.com
1    104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
y.clarity.ms
8    3.213.144.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-144-48.compute-1.amazonaws.com
cookies.nextmillmedia.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
d.tailtarget.com
6    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
7    34.202.103.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-103-121.compute-1.amazonaws.com
pbs.nextmillmedia.com
8    67.202.105.21 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
hde.tynt.com
1    64.247.193.142 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
sync.colossusssp.com
13    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
d.t.tailtarget.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2600:1f18:61c0:2204:b3a:1dc3:6e97:b731 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
1    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    23.52.161.201 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    34.195.62.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-62-251.compute-1.amazonaws.com
services.insurads.com
6    2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    142.251.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
bid.g.doubleclick.net
1    2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2607:f8b0:4020:2::9 (Montreal, Canada)

ASN15169 (GOOGLE, US)
r4---sn-t0a7lnee.c.2mdn.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
7    209.54.180.76 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
1    8.28.7.92 (United States)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
Apex Domain
Subdomains		 Transfer
184 googlesyndication.com
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
pagead2.googlesyndication.com — Cisco Umbrella Rank: 133
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 321
16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com
1016 KB
143 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359
pubads.g.doubleclick.net — Cisco Umbrella Rank: 417
bid.g.doubleclick.net — Cisco Umbrella Rank: 807
850 KB
139 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 772
ce.lijit.com — Cisco Umbrella Rank: 1036
280 KB
98 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 547
image6.pubmatic.com — Cisco Umbrella Rank: 822
image2.pubmatic.com — Cisco Umbrella Rank: 1020
simage2.pubmatic.com — Cisco Umbrella Rank: 761
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 564
simage4.pubmatic.com — Cisco Umbrella Rank: 1351
image4.pubmatic.com — Cisco Umbrella Rank: 1216
image8.pubmatic.com — Cisco Umbrella Rank: 737
t.pubmatic.com — Cisco Umbrella Rank: 3581
312 KB
89 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 639
token.rubiconproject.com — Cisco Umbrella Rank: 656
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1134
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2421
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
fastlane.rubiconproject.com — Cisco Umbrella Rank: 543
beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 1924
280 KB
89 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621
dsum.casalemedia.com — Cisco Umbrella Rank: 1634
htlb.casalemedia.com — Cisco Umbrella Rank: 626
r.casalemedia.com — Cisco Umbrella Rank: 1485
ssum.casalemedia.com — Cisco Umbrella Rank: 1386
68 KB
88 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
gcdn.2mdn.net — Cisco Umbrella Rank: 1161
r4---sn-t0a7lnee.c.2mdn.net — Cisco Umbrella Rank: 225548
15 MB
60 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8210
ssbsync.smartadserver.com — Cisco Umbrella Rank: 867
prg.smartadserver.com — Cisco Umbrella Rank: 1488
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1785
47 KB
58 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1383
google-bidout-d.openx.net — Cisco Umbrella Rank: 1387
us-u.openx.net — Cisco Umbrella Rank: 492
u.openx.net — Cisco Umbrella Rank: 740
eu-u.openx.net — Cisco Umbrella Rank: 2623
rtb.openx.net — Cisco Umbrella Rank: 1042
9 KB
57 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 421
ib.3lift.com — Cisco Umbrella Rank: 1559
tlx.3lift.com — Cisco Umbrella Rank: 638
s.update.3lift.com — Cisco Umbrella Rank: 7762
138 KB
57 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357
aax.amazon-adsystem.com — Cisco Umbrella Rank: 444
s.amazon-adsystem.com — Cisco Umbrella Rank: 337
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 1063
215 KB
49 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 361
21 KB
45 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
mug.criteo.com — Cisco Umbrella Rank: 2114
bidder.criteo.com — Cisco Umbrella Rank: 742
dis.criteo.com — Cisco Umbrella Rank: 601
69 KB
31 media.net
cs.media.net — Cisco Umbrella Rank: 1628
contextual.media.net — Cisco Umbrella Rank: 645
prebid.media.net — Cisco Umbrella Rank: 1574
warp.media.net — Cisco Umbrella Rank: 2690
c21lg-d.media.net — Cisco Umbrella Rank: 2720
lg3.media.net — Cisco Umbrella Rank: 6330
hblg.media.net — Cisco Umbrella Rank: 2164
143 KB
30 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 340
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1303
13 KB
27 dicio.com.br
dicio.com.br — Cisco Umbrella Rank: 156355
www.dicio.com.br — Cisco Umbrella Rank: 165798
static.dicio.com.br — Cisco Umbrella Rank: 939516
175 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 249
secure.adnxs.com — Cisco Umbrella Rank: 476
25 KB
23 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 618
15 KB
21 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 846
7 KB
21 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1673
usersync.gumgum.com — Cisco Umbrella Rank: 2018
7 KB
19 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408
creativecdn.com — Cisco Umbrella Rank: 498
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6707
7 KB
18 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 375
data.adsrvr.org — Cisco Umbrella Rank: 5261
10 KB
16 hhkld.com
amer.hhkld.com — Cisco Umbrella Rank: 99962
hhkld.com — Cisco Umbrella Rank: 60271
sync.hhkld.com — Cisco Umbrella Rank: 102799
119 KB
16 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 701
cdn.indexww.com — Cisco Umbrella Rank: 1698
13 KB
16 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
10 KB
15 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4295
pbs.nextmillmedia.com — Cisco Umbrella Rank: 4726
7 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 583
420 KB
14 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1026
assets.a-mo.net — Cisco Umbrella Rank: 2325
7 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1154
events-ssc.33across.com — Cisco Umbrella Rank: 2482
5 KB
14 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1615
6 KB
14 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5746
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4315
casale-match.dotomi.com — Cisco Umbrella Rank: 3996
openx2-match.dotomi.com — Cisco Umbrella Rank: 5976
33across-match.dotomi.com — Cisco Umbrella Rank: 4414
medianet-match.dotomi.com — Cisco Umbrella Rank: 11375
5 KB
14 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 602
7 KB
13 adform.net
c1.adform.net — Cisco Umbrella Rank: 635
dmp.adform.net — Cisco Umbrella Rank: 3522
track.adform.net — Cisco Umbrella Rank: 3621
cm.adform.net — Cisco Umbrella Rank: 1254
7 KB
13 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2376
593 B
13 google.com
ampcid.google.com — Cisco Umbrella Rank: 2322
analytics.google.com — Cisco Umbrella Rank: 256
adservice.google.com — Cisco Umbrella Rank: 107
www.google.com — Cisco Umbrella Rank: 3
4 KB
12 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 756
8 KB
12 moatads.com
z.moatads.com — Cisco Umbrella Rank: 620
geo.moatads.com — Cisco Umbrella Rank: 795
px.moatads.com — Cisco Umbrella Rank: 541
113 KB
12 spotify.com
open.spotify.com — Cisco Umbrella Rank: 4057
apresolve.spotify.com — Cisco Umbrella Rank: 1060
gue1-spclient.spotify.com — Cisco Umbrella Rank: 3507
8 KB
11 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281
6 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
614 KB
11 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 566
pixel.mathtag.com — Cisco Umbrella Rank: 1145
6 KB
10 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 589
tags.bluekai.com — Cisco Umbrella Rank: 653
5 KB
10 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 976
4 KB
9 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3599
sync.richaudience.com — Cisco Umbrella Rank: 2090
4 KB
9 nucleads.com
nucleads.com
37 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
41 KB
9 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2151
id.rlcdn.com — Cisco Umbrella Rank: 751
idsync.rlcdn.com — Cisco Umbrella Rank: 426
79 KB
9 spotifycdn.com
open.spotifycdn.com — Cisco Umbrella Rank: 7776
502 KB
9 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 160
7 KB
8 cazamba.com
api.cazamba.com — Cisco Umbrella Rank: 327802
as.cazamba.com — Cisco Umbrella Rank: 327111
cdn.cazamba.com — Cisco Umbrella Rank: 562781
93 KB
8 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2002
2 KB
8 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2310
3 KB
8 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 22776
977 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 513
1 KB
7 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 19871
services.insurads.com — Cisco Umbrella Rank: 15951
54 KB
7 w55c.net
i.w55c.net — Cisco Umbrella Rank: 2530
pm.w55c.net — Cisco Umbrella Rank: 1012
5 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2906
4 KB
7 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1024
2 KB
7 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1160
rtb-use.mfadsrvr.com — Cisco Umbrella Rank: 6859
2 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 1039
3 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 839
id5-sync.com — Cisco Umbrella Rank: 434
40 KB
6 gstatic.com
csi.gstatic.com Failed
178 B
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 30435
usr.navdmp.com — Cisco Umbrella Rank: 37976
cdn.navdmp.com — Cisco Umbrella Rank: 7568
sync2.navdmp.com — Cisco Umbrella Rank: 62405
sync.navdmp.com — Cisco Umbrella Rank: 12619
6 KB
6 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1856
4 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 933
5 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
5 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 648
4 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1019
bcp.crwdcntrl.net — Cisco Umbrella Rank: 952
sync.crwdcntrl.net — Cisco Umbrella Rank: 948
14 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1007
c.clarity.ms — Cisco Umbrella Rank: 1573
y.clarity.ms — Cisco Umbrella Rank: 8907
22 KB
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3499
2 KB
5 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1501
openx-ums.acuityplatform.com — Cisco Umbrella Rank: 7741
3 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 920
s.tribalfusion.com — Cisco Umbrella Rank: 2022
3 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 792
2 KB
5 scdn.co
encore.scdn.co — Cisco Umbrella Rank: 9233
i.scdn.co — Cisco Umbrella Rank: 1268
367 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422
imasdk.googleapis.com — Cisco Umbrella Rank: 495
606 KB
4 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4077
1 KB
4 mxptint.net
oxp.mxptint.net — Cisco Umbrella Rank: 6946
pmp.mxptint.net — Cisco Umbrella Rank: 6777
2 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 671
i6.liadm.com — Cisco Umbrella Rank: 2341
2 KB
4 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1669
2 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1839
269 B
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 785
2 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 662
1 KB
4 google.ca
www.google.ca — Cisco Umbrella Rank: 7757
ampcid.google.ca — Cisco Umbrella Rank: 97957
991 B
4 7gra.us
cdn.7gra.us — Cisco Umbrella Rank: 106163
eu.7gra.us — Cisco Umbrella Rank: 182958
7gra.us — Cisco Umbrella Rank: 96302
12 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
100 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1332
1 KB
3 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1337
106 B
3 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 5280
ipac.ctnsnet.com — Cisco Umbrella Rank: 6665
994 B
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1233
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5036
984 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 617
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 408
1 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1163
952 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1069
1 KB
3 bing.com
c.bing.com — Cisco Umbrella Rank: 246
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 763
1023 B
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1035
3 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1841
hde.tynt.com — Cisco Umbrella Rank: 4519
3 KB
2 tailtarget.com
d.tailtarget.com — Cisco Umbrella Rank: 82769
d.t.tailtarget.com — Cisco Umbrella Rank: 340838
6 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1846
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26108
2 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 5330
643 B
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 5960
764 B
2 adhaven.com
openx.adhaven.com — Cisco Umbrella Rank: 8596
437 B
2 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 12158
721 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 533
1 KB
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 963
629 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6081
749 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 805
1 KB
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1662
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1089
2 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4938
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1404
514 B
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 3616
914 B
2 cloudfront.net
d31otfhas71ais.cloudfront.net
de9a11s35xj3d.cloudfront.net
919 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1466
685 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1375
dsp.adkernel.com — Cisco Umbrella Rank: 9107
568 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1587
4 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4280
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 852
881 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 874
963 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1538
315 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
136 KB
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2522
476 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1432
182 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1088
311 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1944
665 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1519
280 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2846
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4922
468 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1881
110 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7132
277 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8501
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4691
349 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2634
438 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3053
309 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3589
562 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651
487 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1867
351 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1863
560 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 572
581 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3975
630 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1647
352 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 5991
641 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3020
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1630
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1801
504 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1217
176 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1103
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1091
827 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 1868
175 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4739
390 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1117
403 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2038
608 B
1 sentry.io
o22381.ingest.sentry.io — Cisco Umbrella Rank: 10764
301 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
897 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1553
8 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1371
17 KB
1381 160
Domain Requested by
121 pagead2.googlesyndication.com www.dicio.com.br
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
100 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
hb.adpone.com
us-u.openx.net
ads.pubmatic.com
86 s0.2mdn.net www.dicio.com.br
s0.2mdn.net
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
imasdk.googleapis.com
73 cm.g.doubleclick.net 39 redirects google-bidout-d.openx.net
rtb.gumgum.com
eus.rubiconproject.com
googleads.g.doubleclick.net
www.dicio.com.br
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
eb2.3lift.com
ce.lijit.com
54 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
um2.eqads.com
49 x.bidswitch.net 49 redirects
45 us-u.openx.net 5 redirects google-bidout-d.openx.net
u.openx.net
googleads.g.doubleclick.net
rtb.gumgum.com
ce.lijit.com
us-u.openx.net
40 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
nucleads.com
hb.adpone.com
cookies.nextmillmedia.com
hde.tynt.com
contextual.media.net
39 rtb-csync.smartadserver.com 7 redirects googleads.g.doubleclick.net
www.dicio.com.br
39 tpc.googlesyndication.com 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.dicio.com.br
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
imasdk.googleapis.com
39 ap.lijit.com 30 redirects hb.adpone.com
ads.pubmatic.com
38 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
google-bidout-d.openx.net
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
ssum-sec.casalemedia.com
ce.lijit.com
eus.rubiconproject.com
ads.pubmatic.com
30 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
hb.adpone.com
ce.lijit.com
amer.hhkld.com
cdn.insurads.com
contextual.media.net
26 s.update.3lift.com ib.3lift.com
s.update.3lift.com
26 eb2.3lift.com 5 redirects ads.pubmatic.com
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ib.3lift.com
eb2.3lift.com
25 googleads.g.doubleclick.net www.dicio.com.br
pagead2.googlesyndication.com
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
23 sync.1rx.io 23 redirects
23 simage2.pubmatic.com 2 redirects ads.pubmatic.com
rtb.gumgum.com
ce.lijit.com
21 cms.quantserve.com 21 redirects
21 gum.criteo.com 10 redirects static.criteo.net
contextual.media.net
20 contextual.media.net us-u.openx.net
ads.pubmatic.com
contextual.media.net
aax-us-east.amazon-adsystem.com
eus.rubiconproject.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
19 ade.googlesyndication.com
19 static.dicio.com.br www.dicio.com.br
static.dicio.com.br
18 securepubads.g.doubleclick.net www.dicio.com.br
securepubads.g.doubleclick.net
www.googletagservices.com
nucleads.com
cdn.insurads.com
17 googleads4.g.doubleclick.net www.dicio.com.br
googleads.g.doubleclick.net
17 ib.adnxs.com 16 redirects googleads.g.doubleclick.net
17 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
www.dicio.com.br
hb.adpone.com
js-sec.indexww.com
cookies.nextmillmedia.com
17 match.adsrvr.org 16 redirects ads.pubmatic.com
16 prg.smartadserver.com hb.adpone.com
16 b1sync.zemanta.com 16 redirects
15 ups.analytics.yahoo.com 12 redirects u.openx.net
sync.richaudience.com
as.cazamba.com
15 static.criteo.net securepubads.g.doubleclick.net
hb.adpone.com
static.criteo.net
14 cm.adgrx.com 11 redirects ssum-sec.casalemedia.com
14 image6.pubmatic.com 3 redirects ads.pubmatic.com
14 match.prod.bidr.io 14 redirects
13 prebid.a-mo.net 2 redirects cookies.nextmillmedia.com
13 tr.blismedia.com 10 redirects ce.lijit.com
us-u.openx.net
13 pixel.rubiconproject.com 8 redirects eus.rubiconproject.com
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 pr-bh.ybp.yahoo.com 4 redirects google-bidout-d.openx.net
rtb.gumgum.com
ssum-sec.casalemedia.com
12 pixel-sync.sitescout.com 12 redirects
12 image2.pubmatic.com ads.pubmatic.com
googleads.g.doubleclick.net
11 sync.targeting.unrulymedia.com 6 redirects ce.lijit.com
11 www.googletagservices.com securepubads.g.doubleclick.net
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
s0.2mdn.net
11 mug.criteo.com www.dicio.com.br
10 c1.adform.net 9 redirects ads.pubmatic.com
10 px.moatads.com 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
www.dicio.com.br
10 pixel-us-east.rubiconproject.com 10 redirects
10 creativecdn.com 10 redirects
10 sync.mathtag.com 10 redirects
10 um.simpli.fi 10 redirects
9 hbopenbid.pubmatic.com hb.adpone.com
ads.pubmatic.com
9 nucleads.com www.dicio.com.br
nucleads.com
9 stags.bluekai.com 8 redirects us-u.openx.net
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.dicio.com.br
api.cazamba.com
9 open.spotifycdn.com open.spotify.com
open.spotifycdn.com
9 sb.scorecardresearch.com 2 redirects www.dicio.com.br
8 ssc-cms.33across.com 8 redirects
8 hhkld.com amer.hhkld.com
hhkld.com
cdnjs.cloudflare.com
8 cookies.nextmillmedia.com 6 redirects amer.hhkld.com
cookies.nextmillmedia.com
8 cdn.indexww.com ssum-sec.casalemedia.com
8 s.company-target.com 8 redirects
8 aorta.clickagy.com 8 redirects
8 sync.richaudience.com hb.adpone.com
sync.richaudience.com
amer.hhkld.com
8 js-sec.indexww.com hb.adpone.com
8 bidder.criteo.com hb.adpone.com
8 htlb.casalemedia.com hb.adpone.com
8 prebid-eu.creativecdn.com hb.adpone.com
8 fastlane.rubiconproject.com hb.adpone.com
8 hb.adpone.com nucleads.com
8 pixel.tapad.com 5 redirects ads.pubmatic.com
us-u.openx.net
8 gue1-spclient.spotify.com open.spotifycdn.com
8 c.amazon-adsystem.com www.dicio.com.br
c.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
7 aax-us-east.amazon-adsystem.com c.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
7 pbs.nextmillmedia.com cookies.nextmillmedia.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
hde.tynt.com
7 a.audrte.com 5 redirects www.dicio.com.br
7 csync.loopme.me 6 redirects us-u.openx.net
7 beacon-iad2.rubiconproject.com www.dicio.com.br
7 dsum.casalemedia.com ssum-sec.casalemedia.com
7 secure.adnxs.com 7 redirects
7 ad.turn.com 7 redirects
7 www.dicio.com.br www.dicio.com.br
6 csi.gstatic.com imasdk.googleapis.com
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
6 px.owneriq.net 6 redirects
6 eu-u.openx.net 4 redirects us-u.openx.net
6 p.rfihub.com 6 redirects
6 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 bh.contextweb.com 6 redirects
6 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
6 www.google.com www.dicio.com.br
tpc.googlesyndication.com
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 sync.hhkld.com cookies.nextmillmedia.com
ads.pubmatic.com
5 pixel.onaudience.com 5 redirects
5 pm.w55c.net 5 redirects
5 dis.criteo.com 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 sync.srv.stackadapt.com 5 redirects
5 idsync.rlcdn.com 2 redirects u.openx.net
ads.pubmatic.com
www.dicio.com.br
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
5 id5-sync.com 3 redirects cdn.id5-sync.com
4 services.insurads.com cdn.insurads.com
4 as.cazamba.com api.cazamba.com
as.cazamba.com
4 openx2-match.dotomi.com 4 redirects
4 um2.eqads.com 2 redirects ssum-sec.casalemedia.com
4 beacon.lynx.cognitivlabs.com 3 redirects ads.pubmatic.com
4 sync.tidaltv.com www.dicio.com.br
hb.adpone.com
4 a.tribalfusion.com 3 redirects ads.pubmatic.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 ib.3lift.com 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
ib.3lift.com
4 secure-assets.rubiconproject.com 4 redirects
4 ad.360yield.com 4 redirects
4 encore.scdn.co open.spotify.com
4 cdnjs.cloudflare.com www.dicio.com.br
api.cazamba.com
hhkld.com
3 lg3.media.net aax-us-east.amazon-adsystem.com
contextual.media.net
3 image8.pubmatic.com 3 redirects
3 imasdk.googleapis.com api.cazamba.com
imasdk.googleapis.com
3 cdn.insurads.com www.googletagmanager.com
services.insurads.com
3 amer.hhkld.com www.googletagmanager.com
amer.hhkld.com
3 uipglob.semasio.net 1 redirects www.dicio.com.br
3 i.liadm.com 2 redirects www.dicio.com.br
3 rtb.adentifi.com ssum-sec.casalemedia.com
us-u.openx.net
ads.pubmatic.com
3 odr.mookie1.com 3 redirects
3 rtb.openx.net 2 redirects us-u.openx.net
3 ums.acuityplatform.com 3 redirects
3 an.yandex.ru 2 redirects www.dicio.com.br
3 image4.pubmatic.com 2 redirects rtb.gumgum.com
3 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
3 simage4.pubmatic.com ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
eb2.3lift.com
3 ssbsync.smartadserver.com 3 redirects
3 match.deepintent.com 2 redirects rtb.gumgum.com
3 sync.ipredictive.com 3 redirects
3 c.bing.com 1 redirects rtb.gumgum.com
eb2.3lift.com
3 sync.outbrain.com 3 redirects
3 id.rlcdn.com 2 redirects us-u.openx.net
3 cs.media.net 1 redirects contextual.media.net
3 bcp.crwdcntrl.net tags.crwdcntrl.net
googleads.g.doubleclick.net
ads.pubmatic.com
3 www.google.ca www.dicio.com.br
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
www.dicio.com.br
3 unpkg.com 2 redirects www.dicio.com.br
2 medianet-match.dotomi.com 2 redirects
2 hblg.media.net aax-us-east.amazon-adsystem.com
2 bid.g.doubleclick.net imasdk.googleapis.com
2 33across-match.dotomi.com 2 redirects
2 cdn.cazamba.com api.cazamba.com
cdn.cazamba.com
2 tag.navdmp.com as.cazamba.com
tag.navdmp.com
2 ads.betweendigital.com 2 redirects
2 c.clarity.ms 1 redirects
2 www.clarity.ms www.dicio.com.br
www.clarity.ms
2 api.cazamba.com www.googletagmanager.com
api.cazamba.com
2 cms.analytics.yahoo.com 2 redirects
2 loada.exelator.com 2 redirects
2 io.narrative.io 1 redirects www.dicio.com.br
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 rtb2-useast.marketiq.com 2 redirects
2 openx.adhaven.com 2 redirects
2 openx-ums.acuityplatform.com 2 redirects
2 i.w55c.net 2 redirects
2 oxp.mxptint.net 2 redirects
2 rtb.adstanding.com 2 redirects
2 aa.agkn.com us-u.openx.net
www.dicio.com.br
2 casale-match.dotomi.com 2 redirects
2 r.casalemedia.com ssum-sec.casalemedia.com
2 cm.ctnsnet.com 2 redirects
2 bttrack.com 2 redirects
2 pool.admedo.com 2 redirects
2 sync.crwdcntrl.net 1 redirects www.dicio.com.br
2 s.ad.smaato.net 2 redirects
2 sync.adotmob.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 rtb-use.mfadsrvr.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 sync.technoratimedia.com 2 redirects
2 t.pswec.com 2 redirects
2 pippio.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 onetag-sys.com s.amazon-adsystem.com
amer.hhkld.com
2 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 oajs.openx.net 1 redirects www.dicio.com.br
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 apresolve.spotify.com open.spotifycdn.com
2 cdn.id5-sync.com www.dicio.com.br
securepubads.g.doubleclick.net
2 www.googletagmanager.com www.dicio.com.br
www.googletagmanager.com
2 open.spotify.com www.dicio.com.br
2 cdn.7gra.us www.dicio.com.br
cdn.7gra.us
1 t.pubmatic.com ads.pubmatic.com
1 c21lg-d.media.net contextual.media.net
1 warp.media.net aax-us-east.amazon-adsystem.com
1 16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prebid.media.net ads.pubmatic.com
1 r4---sn-t0a7lnee.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 ssum.casalemedia.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 cm.adform.net 1 redirects
1 id.a-mx.com 1 redirects
1 sync.navdmp.com as.cazamba.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com as.cazamba.com
1 cdn.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 assets.a-mo.net prebid.a-mo.net
1 d.adroll.com ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 d.t.tailtarget.com d.tailtarget.com
1 sync.colossusssp.com 1 redirects
1 hde.tynt.com cookies.nextmillmedia.com
1 de.tynt.com 1 redirects
1 d.tailtarget.com as.cazamba.com
1 y.clarity.ms www.clarity.ms
1 ajax.googleapis.com api.cazamba.com
1 7gra.us static.dicio.com.br
1 tags.bluekai.com
1 pixel.advertising.com 1 redirects
1 track.adform.net sync.richaudience.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 dsp.adkernel.com 1 redirects
1 bpi.rtactivate.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 i6.liadm.com us-u.openx.net
1 dmp.adform.net 1 redirects
1 match.sharethrough.com 1 redirects
1 server.cpmstar.com 1 redirects
1 wt.rqtrk.eu www.dicio.com.br
1 aid.send.microad.jp beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
1 s.tribalfusion.com beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
1 synchroscript.deliveryengine.adswizz.com rtb.gumgum.com
1 sync.bfmio.com rtb.gumgum.com
1 crb.kargo.com rtb.gumgum.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 geo.moatads.com z.moatads.com
1 z.moatads.com ib.3lift.com
1 de9a11s35xj3d.cloudfront.net 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
1 d31otfhas71ais.cloudfront.net 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
1 tlx.3lift.com 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
1 shb.richaudience.com hb.adpone.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 data.adsrvr.org 1 redirects
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.iqzone.com rtb.gumgum.com
1 sync.adkernel.com rtb.gumgum.com
1 tags.rd.linksynergy.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 u.openx.net s.amazon-adsystem.com
1 rtb.gumgum.com s.amazon-adsystem.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 ampcid.google.ca www.google-analytics.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 analytics.google.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 ampcid.google.com www.google-analytics.com
1 o22381.ingest.sentry.io open.spotifycdn.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 i.scdn.co open.spotifycdn.com
1 secure.cdn.fastclick.net www.dicio.com.br
1 ats.rlcdn.com www.dicio.com.br
1 eu.7gra.us www.dicio.com.br
1 dicio.com.br 1 redirects
1381 282
Subject Issuer Validity Valid
cdn.dicio.com.br
R3		 2023-05-30 -
2023-08-28		 3 months crt.sh
static.dicio.com.br
R3		 2023-06-09 -
2023-09-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
cdn.7gra.us
R3		 2023-05-26 -
2023-08-24		 3 months crt.sh
*.spotify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-07 -
2024-03-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
eu.7gra.us
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.spotifycdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-02 -
2023-08-02		 a year crt.sh
*.scdn.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-02 -
2023-08-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
ingest.sentry.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.google.ca
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.iqzone.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
nucleads.com
Amazon RSA 2048 M02		 2023-06-10 -
2024-07-08		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
update.3lift.com
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
um3.eqads.com
Amazon RSA 2048 M01		 2023-05-26 -
2024-06-23		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
loopme.com
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
7gra.us
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.cazamba.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-11 -
2023-10-12		 a year crt.sh
hhkld.com
R3		 2023-04-24 -
2023-07-23		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2023-05-01 -
2024-06-01		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
pbs.nextmillmedia.com
Amazon RSA 2048 M01		 2023-06-13 -
2024-07-12		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.a-mo.net
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh

This page contains 244 frames:

Primary Page: https://www.dicio.com.br/
Frame ID: 3250B1AF355B61E53B85E6403D449F3E
Requests: 139 HTTP requests in this frame

Frame: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Frame ID: 2594F232CCE6CD897EDDD457B4A36424
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.dicio.com.br
Frame ID: B78AC3A89E0B5FC51D15042B255B927C
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
Frame ID: D54F0400F4EFE1DBB0BE660AC1213170
Requests: 1 HTTP requests in this frame

Frame: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14D65417CB8C1ED67EE05ABC87E964C7
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 70717479824A7D7BF39D3FEA3776771F
Requests: 6 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 093DD766157CB2AAC0DF36EC4E731D9B
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: C3D2D09ED37ABB45B971B9B255B44C48
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: A332155689093550A4974F8E38316602
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: BF483FD298F970F5BF26D012319A33CF
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=9195223259748919252&gdpr=0&gdpr_consent=
Frame ID: 977C380B7A337FA18EC372779D0A3C27
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMtwV-0PnmdgN1RnBYAAAAAAA&expiration=1687016130&is_secure=true
Frame ID: 9D27A5D6CB891143F4ECD62BCAA7EFDD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: B32972894597434A3E5675472F53A039
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 4C2BFE6C814372E24CABDBDF96B9B0AE
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1IZFZhdlUxRTJ1Si5SUDA3bTc0UW9BM1BLQmh1OVlzQn5B
Frame ID: 9907C3F2269C626974AD8A0CA9DD443F
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 64A4B45C4E03009A81EA5F8D3F22ECCC
Requests: 7 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 5376350DEE8CAC99AC13472B6D4EC3B6
Requests: 1 HTTP requests in this frame

Frame: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Frame ID: C149EB0DA9BBA2B7F2E7AC234B193F66
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F28DFB5A52C9F01AC7B80C2E2F94B8A2
Requests: 11 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Frame ID: 46546BF4EEE49804888ADD2D40770687
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=&gdpr_consent=
Frame ID: 49FB18D70F39C95939CD9619DE274428
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZIyBQgAAPUaJFQAz&gdpr=&gdpr_consent=
Frame ID: F85877BC7D30A10A5B47C705C3BB4BA1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wMTA1NTRmNC1mMjJiLTQ4YmItYWE3ZC1kZDFkZjc4ZjI1N2E=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: D7734D35BC48CEA0F864B7D576213235
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZIyBQsCo8YQAAMZzhOkAAAAA
Frame ID: 573ECDE5965D2A04B2FB95AD19ED6811
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=e9cd9076-54b0-4888-91dc-53262d48b930
Frame ID: 6DB3933708ACF63F1F3388B92389A181
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 3A7C8F90AACA430C1D7568DC76A71AAE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=X6eQx8cX9MYIG3v0sS6B&pi=gumgum&tc=1
Frame ID: 8975AF9CA859D15DDC207B3713E0CFA7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B3F800CB6BA421540DDB5602EDAE2A7A
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwDMjC3ShYWoEOsKn3CN8iaa-wt0mZFqCMjtKzYRLse2XKEYBM9szXGH4vSOKR9vxTPyjTcdec24K-c_hk-tW7ceveIO9qLXueeM_0k0nCaDuPPd4rhXhk0QJ69_cDClmlKJvEyXCjo1_ZS0rzJdE65T54TFPXsPu1Z0aFeqHKd6Wl-WDe4eXVJ7QdNq4iuvdlNU4M911vFF4dfC4mcbp-UBcYvhxKK3rW3F5rwRZMJtwNUyAGUvCgdiBGavzKrqWI0GOq_fR2kPJ6OKicNYa2GwAQCPszmeUCNc_oQ9Xi78ViAOYE50nlj0XASaNGe08XmHS8muv10hPx_MojYY1jrj2d&sai=AMfl-YS0jp84XwgphTjLEaURGzuZNhr58591FZrJgprM1-oUwtSu9g4ebiIud23tTdTrWLNPhGXjLjoj-sSxCYRfAnQMW92iQn31jsuVdInCSpNh_1kg3d-wGUvCWCMHYliKATCFiiwoCQ6mB_tfAj0&sig=Cg0ArKJSzOSTaIUyNtk_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 43282839AF1635E7FB393E8BE00C70D6
Requests: 6 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 0F5E1EFCEF1860B7CA37AEFF1CD5A12E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 4823704607F6241BC40C5CC79A634CD3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 360EB95067B72A15DECA70CF49294140
Requests: 25 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=fefxqlcl&e=1992969008185
Frame ID: BEF73A6865A5C87560A35F65ED4DBDBB
Requests: 17 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=xwjvohytl&e=1992969008185
Frame ID: 2E16E7E1F94AA89AC7A7E1AA414D7835
Requests: 17 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=njertjyc&e=1992969008185
Frame ID: B60ABD594DDF429E9ADCA1609206CB96
Requests: 17 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=huvvvpw&e=1992969008185
Frame ID: 171572FF9B53D137E51F0AACB83EB697
Requests: 17 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=vrdczbx&e=1992969008185
Frame ID: 09E9399347C40AFAFD0E84F9A7FE1626
Requests: 16 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=ooglvk&e=1992969008185
Frame ID: 8904F75F7638EF9DD53BB22B38B597E6
Requests: 17 HTTP requests in this frame

Frame: https://nucleads.com/r/p.html?f=fwoxwsyl&e=1992969008185
Frame ID: E45551243519790DCBEB88D0B5C7EAF3
Requests: 16 HTTP requests in this frame

Frame: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EEF5EDAF89A93EB755BAAC6F2EA1DA54
Requests: 62 HTTP requests in this frame

Frame: https://d31otfhas71ais.cloudfront.net/images/total_restore/logo.png
Frame ID: 82D001CAE3002A56C70E00A877A94400
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNW_BnbBDTpsmTg9cQBbbQxLCl0LSRiotG0TeeKIWELnm7c46VpgDYCBPT-FH3ovWb4qBULRNGD-aepzVGKoTr2d4a9d_A
Frame ID: 78EC847A0ABB0C5C5AE31FD5D702B492
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1B8861BD039C5348DE533E7F77814D3A
Requests: 18 HTTP requests in this frame

Frame: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: E080E71727143AB10654FBAEFAAFB399
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNXqgaewXII_3Kb-UQPSNj3P7I6UcW99w6ScSCUjvnnP8FOwLSJjjvK1PQVLiOyaTKjsv_6fHYl30t5UtRz2Jxsr6AXh3w
Frame ID: F6D927F537961BC212B051AB6A92DDAD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CF1193FE1AAE131132A9BF8FD620333A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNUxuQBm1wU_mwzo59vYHf3JUrAC0wWkYFQOdTpEOkwlGJ2rHFNEDZjGnevov0RMtT6qrJtxJHn9ZxEl85Hg5AaeCGj4Jg
Frame ID: 696DC64FCDC020D96E76F7F14981C945
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 862C1B506CB4DA74C5522F21FEE2CEC0
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXKH9TZJAaSLqN8Tq6xY0kM0WACpY4C-C1zizUkQRN1PEYnTiuDtUrlpgtT-mWx4MK0f7VSAAPjhBeiY6Rl2DBnrN7JGA
Frame ID: DB73720547C89C30E4C89F0B68427BD6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 90B60848B1257D8230EFAF6612E90127
Requests: 18 HTTP requests in this frame

Frame: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 6FD137EB12ACD770FDB96464DE740943
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 536B426C51A2F85A143F87A2E6D4107A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20DA71468BEC42E1F190D945985A7BD5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: 34CEE21FA07E6686B714193857BD729E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: CF8A3DE281CE123237AA531B513D07C3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: 2A20C6F2C74551EF69018503C7C57A8B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPy40egCGLyO2t4BMAE&v=APEucNUTXFNyun0__nh9gSpKrvKHP37ycC8ieCafJqKrI35UQCdBBo66Ei2tzq_Jez7tcCq3V50VlmC8K_GTYWa5wRKXUVTq1A
Frame ID: 3D7BDBFC0FA79F82A27BE36933BE1632
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: AC63B7D0777FDA54034E960371A11266
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXEvzGjZ-XKVbA2hwrbdhvNsbJ4U1JQZa3hJHgl08WLBDbiMgRD1RmQzzBJvxRkMLWYPd8aA4ZKvUzsOSFYDgjf7KG7lA
Frame ID: C1EDFEC727FB1EC23590611C09EDDB37
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4CF0FEFF0A469DA3C1B8BF71FA7EE2A9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNW0dfaZapr4zFIeXOV5XJ2GkwB-4FsjkfTOYxmK51Q-E2jua1_YtXJmEjdFKzuSgevNVy6AjnCisrQlyy4GrLTQiTa2BA
Frame ID: D9C8EA11221C68FFBEF797C9A3B20DF6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 87791108345321262AB286EB984F441D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNUx2lxmWi1OjBKMICDravOMllMtMfpTS0dcnSWoaBtooEhMQw4Remogt0-cyYqtjw8GtJ6H1-DHYwN7UKsPy7Xeat4Ilw
Frame ID: 4BA613F5FAE6E058FBF2BD2D4B04EC81
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 90E5E6250C3F6E8AEFB9FBDE411FBCEC
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Frame ID: 05A4D367FC1FB9F0603D91E8B20D8D6D
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
Frame ID: A2C44C9E9D3249A0C462BB943E12274C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CDD80E890A5C1EC875A5B6429A94E06F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
Frame ID: A79C7E58C507504C5D40847BB5C1838D
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Frame ID: F4A42512583436179744EC5DF78BABB0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AD81DACB7F011410839E023DA3067B1D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2D6435B292109D1B8F1B91E68126441
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0627B49A6A3C2909EAF02A8BEA937DED
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: 54F7F5C03499F37E8C9AE88D53BE9C71
Requests: 2 HTTP requests in this frame

Frame: blob://https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/d1ac3254-cdbd-4074-8da5-d1d65d22b5fe
Frame ID: E16A53C43233EA4EA605C5D7E3979B85
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2603D24908AEE10F6E5353951E02436F
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: 9275C44EEE8CA428155079A6D2F1FCFC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: E34E750100BA92FF8F56F4B9CF4B0619
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Frame ID: 431A2DF177B3A88ECEC61BC0C2B6BC54
Requests: 14 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625788307119378
Frame ID: 81DA2DE2E5F51E350960DCED367E7F1F
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&redir=true&gdpr=0&gdpr_consent=
Frame ID: 38D2D70863303985D8A75659D43D1760
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADU507JGQMAACEM6-pGFA&gdpr=0&gdpr_consent=
Frame ID: A0A514E98B900B38D4C0CEB5AC37F3F3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Frame ID: 9E3194D3D55056C24F29D210FD900015
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7868782405983581932&gdpr=0&gdpr_consent=
Frame ID: C6F01739F0501ADE4127C295591E7856
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ab31e695ed944bb18bfef
Frame ID: 6CABBEB738373D1302235D61EA5EB1C4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: CD7A1B5F823E20A57CF6F8540BCE0235
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 644EB3D85B4F62821E00AD6FB0F82BBD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A916BE10FAFD95428CD97B984775ADA4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Frame ID: 734946C03B34A4CD197F996C3E6CA381
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Frame ID: 3F446B332ED16B9F20BB3C06235EE320
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B51D8F1412FADA3D5931344D80E57092
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=17072
Frame ID: 5724CEACB152001FD0E72D1478113205
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F7DD107D509D37890F4FDC927BF05DA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B5D32B91FDF6A71E0CF870DBB57BBD5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 860DE71D2F41CF0F65A3227F5CABD0D9
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: A18022953B8FB2BD76C7EFC189283FA7
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 369DADF5A020890AF3CDEF088AB01037
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 1B34E802CC21D1E34CA1C16620BBE848
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0D680AF45334B8FFA8F7C1819FB7907C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7AC9C5E6664ED7929CC816075CBC7698
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Frame ID: 6FF2D9C91317C00022E99CBBC4AB0711
Requests: 9 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: A1E08900671F86BCC51D75E18C11654F
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: AC5E0298B6520467BBBB6275DB4BA4C7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E02293EC958BE8467C4B50C1F43B2196
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F9662AAA5328A9AED05FBCB566B238F2
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F49AAA14C98DFD3609F240031CC7B106
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: BBB4667C3C6C529D12CADF3F8A848575
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: E02288FE7B7845C0DDF0065451EB69A4
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A3485E93307A4C24FEA40845349865DC
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: E57DCA145D3B00805C83BD47421A6A9A
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CCEDBD09C7DCCC443E07B0809104305F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7559B344AA01A1AF9A56326809573100
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 5F435F9986CD946115AF56F3DD150E8C
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: BFDE7B84C3D0E482032C10CC9F19032F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: FEC539A63F55BB64FBC137A0BAE70AAD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 21BF24E67BDB6BB1BF4E4E1D319C3EA5
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 93A062FA611255F64A9E2D1A68C58A1D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5F0D66363DFDEEE5B21C632CED89B66D
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 337E4A44D3E201E2896E540B1163B2F4
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: B29822AF20AEF1ED55BC6BD75B7CA041
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 9DE46E296ABE6EBC95355A536609A7EA
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 99440611146697549A7D7DF52E1AFA23
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5FE03B99408FC1663F5D09D699AB99A2
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2DA78BDA8A44D003198EF336A1A6CB79
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 52A6C34EA24A831AEE5BF6A52F4FD03F
Requests: 14 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 3A4771C63F19A16C0F84D3B1CB9D66DC
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 95BA94EDCF4D0D571C17D436BDE9747E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 7835ED50F99CF4CC6BDB8771B6310A98
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: F0E5BF3C7972177F36DFA24D46E9D22D
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: C80821ABF396251AD197CDA2E763723A
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: 5073D64F475AA147704A91E1A32CDE8C
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FDD1F8909235061818FF1F5111B0968C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A499F908ADCAA4B3075508C04E3E987F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 948E2FD76C5FB35E9207FF24BFE34356
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: D1B20C7B98BD3C0555304725D4B19AA7
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 25D5B6C7105D46CED021D018D49216C7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 14268B61932999E5EF197F5D76094165
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EFEA36703A895779B3D87BA9211018FA
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 45F4B6237A90131C8778CCF9B90040A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 51444759361DF649B5EC561F6E6A7D14
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13406526
Frame ID: 1B8B48EF12DD310EFA3E809B204F3D4B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: A165836F84CE1DC219B018ED0E67C592
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 41D82AC4B9A505AE72AA12060766D5E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: 983F3107CDF818D55C8E05246F9D1E17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: 36F726AB9A94CD0096E6A5AA582DD038
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: 6368CC1F0FD8494D5C7E825A40FC029B
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 9A70A6C0BE311FD9E2A6F08D7BBC6677
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 2079300C1C02B40751F2580FA4DE786A
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A25646D0C0C490C1D97BBF3932095E94
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5A147D06856C7C38437CAAB76178AEF5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 10C6A20950B499AE57A9CF7004A543B4
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: FD267C4C1990AF4E950B8C962D2FDDD3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: A2F8D0E3F8E5188100BAC9A2F315B1AC
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: ECAB24FBF776A792C27AC302913867EA
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 4AAF63769C9643FFFD31D11FA2B3FC60
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 5FACD1D208D1580751AE2C238A40AE39
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 451DD8AFC731F795540BDBB8C9D2A280
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: C3371B1FE258507F5BD19267B04B576C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: D6B5773DF6D86F2C2175C059887A126C
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 14A80252A8A351ABC5C78F4F1BF4EC16
Requests: 8 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk
Frame ID: A4E700C63AB9F5D44491DB2A3FEF9BBC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 402500141B979E35C76163B86B2F09B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Frame ID: 97ED4199D08BCC21B5F2726B8945F92E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Frame ID: C52B42CD58990770D0B4FDDE3255BBD7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qJTDG1a51Qabu95&gdpr=0&gdpr_consent=
Frame ID: 1388583ECE6A02BFCA69BB915A2DD752
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791276946469
Frame ID: 48FCD2817C788FE1301FEACB731FEDF7
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 0CEFD0E3D2846F08121B08DFC73646DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Frame ID: 0CBCC220FB744005570B9A94FA480766
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E0DE8F82E427BE9A3D7F842C2A6E8C51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Frame ID: CEB4EE8DC07618D29E858DADA6B167C7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 26E4DB6E36D1FD6A2A60DADF14CD6B73
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mmXYKf62ARWWNDIrS4GMZA
Frame ID: 834E501F3F978BC6EFF7AB6BC94E317D
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 4FC91F32B09974E6940F8434819CCB27
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=99c0a2ba-c407-4d71-a929-c4a35950d27a
Frame ID: 4A774CCE99FC933BA720DD9D328A8A24
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BA6E32C72AB0DE3BC23B1E8A7D1A7AB4
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 10BE25129B51ADC7EAC76E471EC2F28A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7402161381508317360
Frame ID: AEB99D0BF643221A89B6436762022F46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3&gdpr=0&gdpr_consent=
Frame ID: CBD85CD1F258A5334A5DF962E66198BE
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: EBD57E0E90D0C762AB1FC48F2568D35B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: 0FF39B2619DBF759A4387717D9FDCDA9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: F457C8EC8A2293416623DAD8F573DD9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Frame ID: F137A9D77220BD417B87BFB0AACB8FCA
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 9A8BE34F8C720E0C0C986A8B0F158712
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Frame ID: BB14C5074427F7BAD043E8F82636A005
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 67195D1329439801572E8C5E77EAA7F5
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 55DEFD53DC7F59BD7FA5DEB0B51D6A41
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 7EDA42683AF6D44C86EC3E8ACB15FA1B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 130D88E31C8AB6D4113A76FB74CB6FDF
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: B1700EFE6DD86AC99C0EA0F281003848
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: AE937DA2F32EC4B6CDE674E49C3FA66C
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: D13EE3F856ECD402BD521F8FDC1869F9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: EE2B268C960730323FB97807AC7464CA
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 3EEBDEC61554B60DD0474FB9EAE7D74F
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: AD7ECF37708FD4BC305418C0915C0189
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: E13E5BD5044923105983266CE12F440B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 36ACA568C7582E58CF085A75B5AB5F91
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: 0633FD7B166C3D3890D111BDE1C87653
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: 7372457CFC73D42E888C5A68F6375480
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: 17C13BECF868227745F6DAD7156E1999
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: 25ECA7008A5C52E15083FE78CEACE166
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: A4423CBF41DA28CE7E71271BC428BCF4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: CD99F0FF7BE6BD58DE42781F50A2C020
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: E262DFB6563A7CD6445627F495612B12
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Frame ID: 7ACF6D15D5364E194B3CA1B26F0F57DC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9200BE1001BC5D5C87565738628F7348
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BFF6C6C6565D2F18D3427DA1850DEF1F
Requests: 2 HTTP requests in this frame

Frame: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Frame ID: 7A70D5F12C7BD809F436B8B593C4F81F
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7516a748d25c406
Frame ID: F07DC8955CEAE603A52E873E4F7A5D05
Requests: 1 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Frame ID: 88095CDD129E545E8FCBDC2A75DB6FC3
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=22956637672
Frame ID: 8D83B220A91746437189255C5E2D5EC2
Requests: 1 HTTP requests in this frame

Frame: https://sync.hhkld.com/tools/sync?dsp=67&uid=
Frame ID: 3125018FB0768ED3AAB1C41F61230029
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7868782405983581932
Frame ID: 9E77A2278AD020DB4386BCCE6C15B133
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Frame ID: 2BF0AE8A1536DE632516446D728AF4EE
Requests: 7 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a
Frame ID: 45CAEACD9BE11CE2B4F27BD03CC1616A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Frame ID: F508AE915DC741D7AFE625297EEAB432
Requests: 10 HTTP requests in this frame

Frame: https://cookies.nextmillmedia.com/setuid?bidder=colossus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=[UID]
Frame ID: 5B08776BC0E4C057DF5B4B2F2A17602D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
Frame ID: 965FD28E1846B525AD36CA5C35C649C7
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Frame ID: 8CBAE9A324CBDDBAF2035EA7F596683F
Requests: 12 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: E24C2EE386416BB0C6FDE2507FFA2D25
Requests: 1 HTTP requests in this frame

Frame: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a
Frame ID: 4A03FD87437AF42E1EB684A54B05D87A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: C403C448D8591F86F8958D5E92E83F3C
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: E68E1ECF6EC7D09914EAAED4AB8E2F18
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=963790&predirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Frame ID: B819D5DA977D8F70A115F495BA4504AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.hhkld.com/tools/sync?dsp=24&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: 4F70D5350FB96305C3191BE1754A9988
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: F789084C118178A8F0BF59A7FC0268DC
Requests: 31 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=1079727&appId=2553&s=2973&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwww.dicio.com.br%2F&sid=004FCD87A9708E5B&v=1.14.9&rv=1&ts=1686929746548
Frame ID: 01AC2E3F3A004AB3983144E8F74E68FE
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: D8D12B670DE0A3DB4A3EC697CBBF9920
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe
Frame ID: 9038540126E8320F0F4136DF7384F425
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: E31DF61D617C9A91A3408707A2CBBA63
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: CC6FE9A549CAD3960C7B695D2029601F
Requests: 3 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2553&requests=[{%22eaup%22:%22/1062898/DICIO_BR_HOME_SIDEBARSTICKY%22,%22eoid%22:2222468848,%22eolid%22:5179162798,%22advid%22:4502590479,%22w%22:300,%22h%22:250,%22eId%22:%22main_dicio_br_home_sidebarsticky_0%22},{%22eaup%22:%22/1062898/dicio.com.br_new_mrec_home%22,%22eoid%22:340220598,%22advid%22:10041388,%22w%22:300,%22h%22:250,%22eId%22:%22main_dicio.com.br_new_mrec_home_0%22}]&h=https%3A%2F%2Fwww.dicio.com.br%2F&ts=1686929748541
Frame ID: 723DBAA8E1AE43FEFCF07489643A45BC
Requests: 1 HTTP requests in this frame

Frame: https://16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 38C0F073907E343C33D26C0CCB24F343
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162930
Frame ID: 80FD3CBB2A964B9B3D10080D8A151B3B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 1F37C614F8227BCFD5542AE3446659BC
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviO3vHzQraUq09gCJGUtKE-n_4Kj-tyDyWzNibE_QbNdT9oqXS3jD30sstXSTwag3wzY7XkHv1_nNK7P-NzuYoI6R2AdCEV1u9d9zvP6PprSZYXIBez9H380lvq5smWAhQsfeLVmHv7M2n7osSeQ8KVSPLv_bj_gDVjCU4Kf_kWuIKdJSpqP6vZJ8PwZLagEvNgnAbgUVgf8tGN0eaxkHA7se2m-QqUJ4-RIxALmOl87FkvZqalGHDkiu52UsrAyxTIyI4mLqZ-Cu8srOqBxSbdYdqiLdjIsSk5tYlWQoOmXJNUpiX-aObUzt6b-67Jlyr0qyc&sai=AMfl-YQtUABww3a85lPHiwH1n1L7UEAMadWleB1ryjoqOQIV27kX-qPx1Yg-PnWmfQhwJT9N3fvtXc0hW-t-zg7A9EZ15u8esSMzmQTqiOWAIAqCWFhRMMANBFAxdGlTybs&sig=Cg0ArKJSzD9gst5AdELHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 95FEE79007238B62299673160227219B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B39EDEB393AE2496E2F5C456AE48648
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 065799110FCBE87D72A9E5BDA54B328D
Requests: 2 HTTP requests in this frame

Frame: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Frame ID: 594717EEC62E56F3963AB531FC99DA13
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 8982FD8EE67211E1574020BBA80794D5
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3299313301455264000V10&type=rkt&refUrl=&vid=69297505893299313301455264000V10&ovsid=968625788307119378
Frame ID: 2C0222BBEE17D548331449A8053E8E03
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dpba%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3DPM_UID
Frame ID: 6CFA95E7CF8A571BFAF9395FAA46E7D8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=pba&refUrl=&vid=69297505893299313301455264000V10&ovsid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: BFD6290206AB432463CBDF7ED3E71E1F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&vi=1686929750798812442&gdpr=0&tsce=L166&cid=8CU15598N&cpcd=qJmqsokj19d2oMwtdTjLJQ%3D%3D&crid=345419453&size=970x90&cc=CA&sc=QC&chnm=smm_migration_test&pid=8POW2UN4M&tpid=TQ230O5&https=1&rrr=tzR-hLcl-L9LvXCq0A7VESeoxkSJMTl181odX1EZZ2o%3D&nse=5&lw=1&ugd=4&adt1=8CUZ1MK22&adt2=661646771&ebdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&bdrId=459&ntv=0&mmm=D5jUpyE7LeM%3D&mcf=66056&ydspr=1&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808147724&kapc=7&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8OverJk%7C%7C77OvW&kata=aton&ekalog=%3DVvAffH%7C%7CPPVrvfV1UP%2FrWpY%3DJsm7clL%7C%7Cc0_rvFH9%7C%7CqVrv9%7C%7CbVvAffu%7C%7CcVvAffH%7C%7CbVrvW%7C%7C_0_rvfWWA9WfXhX9ifXf9HXf%7C%7C_TVrvF&cadomain=tzR-hLcl-L-HShN42-uuffsgUdLEfSJIxUSuarmSELZFh2LYdFCUMA%3D%3D&ypl=1&isid=3&adv=Featured%20Insights&pgid=p11678221463t202306161535&essld=uHi.XF.uXA.9~%3DK~gxJGJN~cmz7LJ1j&htmlsrc=1
Frame ID: 6D8B7FDD1BB559831A758F9F72C2F7A0
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=35&cv=31&https=1&cid=8CUZ1MK22&prvid=2034%2C2033%2C2076%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C237%2C117%2C437%2C97%2C55%2C99%2C2045%2C2088%2C3012%2C2043%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C408%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C453%2C3018%2C454%2C3017%2C455%2C214%2C413%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=TAM&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: BA1E744D1A4D4D2FEF20BA5FB7103439
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Frame ID: A3D689B72E609E07D55325AAF26FB907
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dicio - Dicionário Online de Português

Page URL History Show full URLs

  1. http://dicio.com.br/ HTTP 307
    https://dicio.com.br/ HTTP 301
    https://www.dicio.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1381
Requests

72 %
HTTPS

25 %
IPv6

160
Domains

282
Subdomains

164
IPs

15
Countries

23953 kB
Transfer

41279 kB
Size

341
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dicio.com.br/ HTTP 307
    https://dicio.com.br/ HTTP 301
    https://www.dicio.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@3.3.2 HTTP 302
  • https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.iife.js
Request Chain 57
  • https://sb.scorecardresearch.com/b?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728460&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728460&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
Request Chain 58
  • https://sb.scorecardresearch.com/b?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728461&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728461&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
Request Chain 84
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dicio.com.br%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dicio.com.br%2F&rid=esp&cc=1
Request Chain 91
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
Request Chain 96
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=dicio.com.br&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kNYgE3xaaUlPRDhJSGlmcVpHUU1RTWRxTFg1R1FuTXpyMkVLTlNEVUdiQThaY0hIMXl3aHdObHFXa3NxWlg4UmQyQk1ZTFZMY3g3YkFsUzEvRjh4SjdXYVZmUG15d216V0dvNC96QWprQXQzWnBpMVR0NXA5VDhWeEpmcm56MU1aeFVLb3RMOEo1V0J6MHBONnE1RnZvbzdmWElNUzl5aDNoNUE5T0tncmtJNUgza2pQWkR3cGFwcVJRcGJ5ckEvWndSTkhSenkxVXduV3RQaTlEZ0Z4OHMxcVB2QWxFZTR2YjdVTEFvNW9OV3Juekh1c2ZnanRJTmRwTDVTK3dBTjJJeEU2clVrcWplY2llMFk0QmNTYXZkemxmUT09fA&cppv=2
Request Chain 108
  • https://match.adsrvr.org/track/cmf/openx?oxid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0&gdpr_consent=
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3&google_tc=
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
Request Chain 112
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
Request Chain 113
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=81322635-d407-41c6-90b3-06c576eb4a0a
Request Chain 114
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3299313301455264000V10
Request Chain 115
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AADU507JGQMAACEM6-pGFA&ex=beeswax.com
Request Chain 117
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=B1419C921A984094910AFB59BC53B6E3&ex=simpli.fi&status=ok
Request Chain 118
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NlEeHRMbmPui4ApJw2rW
Request Chain 120
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 122
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=9195223259748919252&gdpr=0&gdpr_consent=
Request Chain 123
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=c004ea6955b1492&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMtwV-0PnmdgN1RnBYAAAAAAA&expiration=1687016130&is_secure=true
Request Chain 126
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1IZFZhdlUxRTJ1Si5SUDA3bTc0UW9BM1BLQmh1OVlzQn5B
Request Chain 127
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 130
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f61c2a86-ebf5-4e83-9d2a-02f462d7775f HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZjYxYzJhODYtZWJmNS00ZTgzLTlkMmEtMDJmNDYyZDc3NzVmEAAaDQjCgrKkBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0ee81d56f367cf144766ebb45bc8b0f307fa61dc59f689f980bf223a4f104a03791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwZWU4MWQ1NmYzNjdjZjE0NDc2NmViYjQ1YmM4YjBmMzA3ZmE2MWRjNTlmNjg5Zjk4MGJmMjIzYTRmMTA0YTAzNzkxNDI2YjU0MTdkY2UyMRAAGgwIwoKypAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZWU4MWQ1NmYzNjdjZjE0NDc2NmViYjQ1YmM4YjBmMzA3ZmE2MWRjNTlmNjg5Zjk4MGJmMjIzYTRmMTA0YTAzNzkxNDI2YjU0MTdkY2UyMRAAGgwIwoKypAYSBAgCEABCAEoA&google_gid=CAESEGYr--7MLNAlJNErTwIsEsc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=a307ce15-de30-4cfd-b22e-2084afc93b74
Request Chain 131
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7868782405983581932
Request Chain 132
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 133
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZIyBQgAAPUaJFQAz HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIyBQgAAPUaJFQAz&_test=ZIyBQgAAPUaJFQAz
Request Chain 135
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7868782405983581932
Request Chain 136
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=316e038e-a60e-4413-b36d-47b1f4d6b6ff&expires=3&user_group=1&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Request Chain 137
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4263f094-4c93-5e85-50c1-1c0d9b792ac7$ip$149.56.153.184
Request Chain 138
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVHGYRLFJBJE2YTNKB2WSNCBOBFHOMTSK4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVHGYRLFJBJE2YTNKB2WSNCBOBFHOMTSK4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=NlEeHRMbmPui4ApJw2rW
Request Chain 139
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=4PN9fuFh8ZXL&ev=1&pid=558355
Request Chain 140
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28blAiVZONxHH5Sdl-zjM0iXyPTVT4NLqj_jE-Y44COfmodDDa8MROngo6TSKbDb_s%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28blAiVZONxHH5Sdl-zjM0iXyPTVT4NLqj_jE-Y44COfmodDDa8MROngo6TSKbDb_s%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&obuid=ENC(blAiVZONxHH5Sdl-zjM0iXyPTVT4NLqj_jE-Y44COfmodDDa8MROngo6TSKbDb_s) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Request Chain 141
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=54e7f190-0ea7-40b5-a528-92ea931c17c1
Request Chain 142
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-kR2KmEBE2pdBYiJJXxKygUZ5FjRL0a48XKnZ~A
Request Chain 143
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=05397481-14be-41e5-b894-0f13dbdb9e9d
Request Chain 144
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
Request Chain 146
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=81322635-d407-41c6-90b3-06c576eb4a0a
Request Chain 147
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=9195223259748919252
Request Chain 152
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Request Chain 153
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=&gdpr_consent=
Request Chain 154
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZIyBQgAAPUaJFQAz&gdpr=&gdpr_consent=
Request Chain 158
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZIyBQsCo8YQAAMZzhOkAAAAA
Request Chain 159
  • https://cs.admanmedia.com/sync/gumgum?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=e9cd9076-54b0-4888-91dc-53262d48b930
Request Chain 161
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=X6eQx8cX9MYIG3v0sS6B&pi=gumgum&tc=1
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIyBQpGLLvl3l6QCbO.IfgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
Request Chain 165
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&expiration=1689521730&gdpr=0&gdpr_consent=
Request Chain 166
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Request Chain 167
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7868782405983581932
Request Chain 168
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7868782405983581932
Request Chain 169
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=QmPwlEyTXoVQwRwNm3kqx5U4mbg
Request Chain 171
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 173
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=6c8b0ba5-a158-47ce-9300-413aabcb94d3
Request Chain 174
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
Request Chain 175
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 176
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=4PN9fuFh8ZXL&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 177
  • https://um.simpli.fi/lj_match?r=1686929730433&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=B1419C921A984094910AFB59BC53B6E3
Request Chain 182
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LIYQEMLE-B-GF3X HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LIYQEMLE-B-GF3X&ex=d-rubiconproject.com&status=ok
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mspQ6XqmSeKtH-KQ777iRg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 186
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%2C%2C
Request Chain 187
  • https://eb2.3lift.com/xuid?mid=7976&xuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 188
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1ac4af0b-7258-49ea-8eb2-143131247f20
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFDQTUwRTktN0FBNi00OUUyLUFEMUYtRTI5MEVGQkVFMjQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
Request Chain 191
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3
Request Chain 192
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 193
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
Request Chain 198
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElZUUVNTEUtQi1HRjNY HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZpSRkvxLKz56IJVIHo-jo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUUVNTEUtQi1HRjNY&google_push=
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/U2ryNiTWCyl12RpjqSBVzQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Zq2U9BxE2oKlU_XBTLQLhBlL9gdgfubIJYYzPw--~A
Request Chain 200
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
Request Chain 202
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gbjjs4FZRNm8c6YEz7hC0Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gbjjs4FZRNm8c6YEz7hC0Q
Request Chain 203
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=&expires=30
Request Chain 205
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYQEMLE-B-GF3X
Request Chain 206
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIYQEMLE-B-GF3X HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LIYQEMLE-B-GF3X
Request Chain 309
  • https://rtb-use.mfadsrvr.com/sync?ssp=triplelift&seller_network=triplelift_&bid_id=7b828910-f3d1-4bf7-936a-3641d89c2c00&initiator=me HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&dongle=31ac&gdpr=&gdpr_consent=
Request Chain 310
  • https://x.bidswitch.net/check_uuid/%2F%2Frtb-use.mfadsrvr.com%2Fsync%3Fssp%3Dbidswitch%26bsw_user_id%3D%24%7BBSW_UUID%7D%26bsw_cookie_age%3D%24%7BCOOKIE_AGE%7D HTTP 302
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&bsw_cookie_age=2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=6c8b0ba5-a158-47ce-9300-413aabcb94d3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&expires=30
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEB5Ku6Iasf--2BQ_U300KDY&google_cver=1
Request Chain 340
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=X21qUlBYcWNYY1U
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1
Request Chain 342
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIyBQpGLLvl3l6QCbO.IfgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGMDv9eZYmKaYCsHbiIaTZI&google_cver=1
Request Chain 344
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2ODc4MjQwNTk4MzU4MTkzMg%3D%3D
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
Request Chain 346
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
Request Chain 348
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YmI2YjRlM2YtNGQ5YS00YWIyLWIwMDctYjg5OTgyMDMyZTEy
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
Request Chain 350
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
Request Chain 352
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFDQTUwRTktN0FBNi00OUUyLUFEMUYtRTI5MEVGQkVFMjQ2&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPbEnudTXcjZN0_h_zgjPSc&google_cver=1
Request Chain 354
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTliZDM1NTgtY2Y3OS00OWExLTg3NzYtMzkwNWQ5ZmFmMWNj
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEMBHak4G9SoxD9RVxr-xgYM&google_cver=1
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELhJRIrw9MyYmQvlFwBdqsg&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELhJRIrw9MyYmQvlFwBdqsg&google_cver=1&__user_check__=1&sync_id=6ec148e0-0c5b-11ee-970b-1cc82ed80303
Request Chain 417
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=6ec13ece-0c5b-11ee-92da-1e9ed2ec0203 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmVjMTQ4ODYtMGM1Yi0xMWVlLTk3MGItMWNjODJlZDgwMzAz
Request Chain 422
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tN1haSXJGRTJ1RXAxblcwcERHNVExLllJb19oeTM0c35B
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMYUk5bfedgoTjijFg3nc7g&google_cver=1
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&google_cver=1
Request Chain 454
  • https://eb2.3lift.com/sync/google/demand?sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm HTTP 302
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEKuRSSnBN7h0_VI6rxDO-p0&google_cver=1
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEODdCLO1BwvftbiuASdyv_8&google_cver=1
Request Chain 457
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmMzYThjODUzNzI0ZjE5ZWFiOWVkNTcxZjAxYTI2&gdpr=0&gdpr_consent=
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
Request Chain 459
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg== HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
Request Chain 524
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625788307119378
Request Chain 526
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEVTUwN0pHUU1BQUNFTTYtcEdGQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADU507JGQMAACEM6-pGFA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADU507JGQMAACEM6-pGFA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=9195223259748919252&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADU507JGQMAACEM6-pGFA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9195223259748919252%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9195223259748919252&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADU507JGQMAACEM6-pGFA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADU507JGQMAACEM6-pGFA&gdpr=0&gdpr_consent=
Request Chain 527
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Request Chain 528
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 529
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ab31e695ed944bb18bfef
Request Chain 535
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sAXpCb9E2uUFrZoz09no4mqK0Tdgz.k-~A&gdpr=0
Request Chain 537
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=24d81ea041a52171&is_secure=true&networkId=17100&version=1&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMtwV-0Pnn3ANrceMNAAAAAAA&expiration=1687016134&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 538
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=05397481-14be-41e5-b894-0f13dbdb9e9d&gdpr=0&gdpr_consent=
Request Chain 539
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPx6eEUr6a2dwqL6_FhzibE&google_cver=1&google_push=ATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPx6eEUr6a2dwqL6_FhzibE&google_cver=1&google_push=ATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 540
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMpKDaFeKAFIBNUhnXUYIWg&google_cver=1&google_push=ATf1kGPP5UyKTng3r4fXPTdf9OLJs3cpMhqCz8bMoRxKAnIlhEOAEZ473x2urTOlSsvCvhpi_tndf74Y17c050ppgQi31e9fjXg HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=a2b663fd-5339-4be2-a1d7-6bc82ec05109&ssp=google&expires=30&user_group=5&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPP5UyKTng3r4fXPTdf9OLJs3cpMhqCz8bMoRxKAnIlhEOAEZ473x2urTOlSsvCvhpi_tndf74Y17c050ppgQi31e9fjXg&google_hm=u2tOP02aSrKwB7iZggMuEg==
Request Chain 542
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGysicJAOAZOMO572grBwrA&google_cver=1&google_push=ATf1kGPTvCfc6g6-ok8FRsyokdimaVqvn2IEVfl5F8qLHSJgT1RL8EqLxEwEIM0Fgpo5ljyVxPFv1nFOXpIme0_dFyKRZG6mNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=ATf1kGPTvCfc6g6-ok8FRsyokdimaVqvn2IEVfl5F8qLHSJgT1RL8EqLxEwEIM0Fgpo5ljyVxPFv1nFOXpIme0_dFyKRZG6mNw
Request Chain 543
  • https://dsum-sec.casalemedia.com/cma?google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1&google_push=ATf1kGMnKkD3zRMLX65LGvKqDjkAVMJHgK7t33ceAg5Xukr3UUrtxBnhTquf63CIztuekNNiv2zm_gzUUZJ6RvZafDaTWIrJuxs HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625788307119378
Request Chain 544
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGPQIThftU11_N7XQEO03N0TXG1rnesMcSSomzJv-7M_BvO9wEQ0c5wuJ0n4x8-W0Z0bMkI90JJY4YGomU2Q_UsDPROWxg%26google_hm%3D%5BUID%5D&google_gid=CAESELxi4r95CHtYGw-3ecBhvSc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGPQIThftU11_N7XQEO03N0TXG1rnesMcSSomzJv-7M_BvO9wEQ0c5wuJ0n4x8-W0Z0bMkI90JJY4YGomU2Q_UsDPROWxg&google_hm=c8bca416-9819-4d74-acf4-00ac86ff7171
Request Chain 545
  • https://an.yandex.ru/mapuid/google/CAESEObAhojIuxwhI3xRTxGVj0c?ext-param=ATf1kGPBKleA0cndLhaclmRvbjdQ_VrHNunMWpYWncSYJA75vdouNotpOQR0oZZAJuDcES0wZRROOv4U5MxbenVC3YMmsVWNgj2Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEObAhojIuxwhI3xRTxGVj0c?redir-setuniq=1&ext-param=ATf1kGPBKleA0cndLhaclmRvbjdQ_VrHNunMWpYWncSYJA75vdouNotpOQR0oZZAJuDcES0wZRROOv4U5MxbenVC3YMmsVWNgj2Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEObAhojIuxwhI3xRTxGVj0c&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 582
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 584
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=LMkl-iLMKa43xCSqe8gwrHzJLv83yy_9KsVMTh0e
Request Chain 586
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
Request Chain 587
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Request Chain 588
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 593
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 595
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=qyXtq6Ug4f-wKOz7pHT4-q515fGwcrH9pCNehaei
Request Chain 596
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 597
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-4GbnhytE2pk_hq_bsixJ8YAoYPlNet.e713mhg--~A&expires=5&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Request Chain 599
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 603
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=9195223259748919252&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 604
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Request Chain 605
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8d8169f6-bb36-49c3-ac62-7a4fc916d6f7&gdpr_consent=null&gdpr=0
Request Chain 606
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
Request Chain 607
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==&gdpr=0&gdpr_consent=
Request Chain 611
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 613
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=BPKtEgr3oUYf__AVAPG4EADwrUYf86VHVPYeVXvB
Request Chain 614
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
Request Chain 615
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
Request Chain 616
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
Request Chain 618
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 622
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gdpr_consent=null&gdpr=0
Request Chain 623
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
Request Chain 626
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 628
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 629
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 630
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 631
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
Request Chain 632
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4184420296987606615158&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4184420296987606615158&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 633
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4184420296987606615158&gdpr=0&gdpr_consent= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=72c3717f-b617-4d42-b055-11bad514223e&ssp=triplelift&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 635
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4184420296987606615158?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-sK6T0ARE2oSq1UF0rW40BZSjX4lAVGfgEYceeGT1Gg--~A&dongle=0883
Request Chain 636
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JZWEKZKIKJGWE3KQOVUTIQLQJJ3TE4SX&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JZWEKZKIKJGWE3KQOVUTIQLQJJ3TE4SX HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=NlEeHRMbmPui4ApJw2rW
Request Chain 637
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7868782405983581932&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 643
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 644
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 645
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dfmx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=xmgD85dk6uV58ASisqHT0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Request Chain 646
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 647
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 648
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 649
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 650
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 651
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4642337543 HTTP 302
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 652
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 654
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Request Chain 657
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 658
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Request Chain 659
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 660
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 661
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=QmPwlEyTXoVQwRwNm3kqx5U4mbg&user_group=1&ssp=fmx&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Request Chain 662
  • https://ums.acuityplatform.com/tum?umid=27&uid=G03niPZH5lRXKpa0QfmyLxxR&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=791276946469
Request Chain 663
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Request Chain 664
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 666
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2635390217 HTTP 302
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 667
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 668
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 669
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 670
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 676
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1686929736042 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=216428980 HTTP 302
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 677
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 678
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 679
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 680
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 681
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Request Chain 682
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e2cac44d-48c6-4b3a-8fe4-05392569dd6b&user_group=1&ssp=fmx&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Request Chain 684
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 685
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 686
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 687
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Request Chain 688
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 689
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 690
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1686929736044 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4212775027 HTTP 302
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 692
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 693
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 694
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 695
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Request Chain 696
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 697
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Request Chain 698
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7257672098865546847&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Request Chain 699
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 700
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 701
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 725
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=bc546105-74c8-44ad-b4c6-1946bf7e18b6&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 726
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=fIzf3I80wc0kJ86wiFUsPQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 727
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=2e5f648c-8142-4e00-a92d-af87705ce1c9
Request Chain 728
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=05397481-14be-41e5-b894-0f13dbdb9e9d
Request Chain 729
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 732
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 735
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Request Chain 736
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
Request Chain 737
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JZWEKZKIKJGWE3KQOVUTIQLQJJ3TE4SX&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JZWEKZKIKJGWE3KQOVUTIQLQJJ3TE4SX HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
Request Chain 738
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e5e56fc8-f8c3-494f-ac77-427b723826f0&gdpr=0
Request Chain 739
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2Y2SFJrMENuNWtTb0tlQnN6ZXgyNFVrZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNmNkhSazBDbjVrU29LZUJzemV4MjRVa2ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNmNkhSazBDbjVrU29LZUJzemV4MjRVa2ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNmNkhSazBDbjVrU29LZUJzemV4MjRVa2ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7257672098865546847&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNmNkhSazBDbjVrU29LZUJzemV4MjRVa2ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=cf6HRk0Cn5kSoKeBszex24Ukg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=9195223259748919252&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 740
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Request Chain 741
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 742
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Request Chain 743
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Request Chain 746
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Request Chain 749
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=14023950-a2ba-4f90-aed5-74b343999ba1
Request Chain 750
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 751
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Request Chain 752
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
Request Chain 753
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ssp=index&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598377302679827463&ssp=index&gdpr=&gdpr_consent= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Request Chain 754
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521736
Request Chain 755
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 757
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=edf06667-1eee-4fe4-84fb-9790c7c37f21
Request Chain 758
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 759
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Request Chain 760
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Request Chain 761
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4d8d12376c242171&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFzQ88GbCPpAMG8dDUAAAAAAA&expiration=1687016137&is_secure=true
Request Chain 763
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Request Chain 764
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
Request Chain 767
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=B1419C921A984094910AFB59BC53B6E3
Request Chain 768
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768&_li_chk=true&previous_uuid=9213b7dce58a472db246e2ea5a9472b2 HTTP 303
  • https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768
Request Chain 772
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=0f77c06a-3e2a-5dd5-357a-c9f47e815645 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0xyj6ognk9nx9
Request Chain 773
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 774
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=1f3c8877-ba5f-4c45-bfa8-89facab7c62d
Request Chain 775
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Request Chain 776
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 777
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0f8dd1fe-7d5d-8f26-cbe03a57
Request Chain 778
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIyBQgAAPUaJFQAz
Request Chain 779
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139337
Request Chain 784
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 787
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 788
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Request Chain 789
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
Request Chain 790
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZIyBQgAAPUaJFQAz&gdpr=0&gdpr_consent=
Request Chain 791
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7245308046810806417&gdpr=0&gdpr_consent=
Request Chain 800
  • https://ap.lijit.com/beacon?informer=13406526 HTTP 301
  • https://ce.lijit.com/beacon?informer=13406526
Request Chain 801
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=smartadserver&bidswitch_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=c60f4c52841cf4875c3a9faa17934494&expires=30&ssp=smartadserver&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Request Chain 802
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JZWEKZKIKJGWE3KQOVUTIQLQJJ3TE4SX&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5JZWEKZKIKJGWE3KQOVUTIQLQJJ3TE4SX HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
Request Chain 803
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 805
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-b0d7B-wf5wCmt6Nve8ZAoJl6FVf4wprmhZxuWyMBhw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=9195223259748919252&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttl=%%TTL%% HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 806
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 807
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Request Chain 808
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Request Chain 809
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Request Chain 812
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Request Chain 813
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
Request Chain 841
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_1045D5231_63DBDD6A
Request Chain 842
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
Request Chain 843
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=448177783061932911
Request Chain 844
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
Request Chain 845
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=openx&bidswitch_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=c60f4c52841cf4875c3a9faa17934494&expires=30&ssp=openx&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Request Chain 846
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
Request Chain 848
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33646_1045D5232_63F18A3A
Request Chain 849
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
Request Chain 850
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7257672098865546847
Request Chain 851
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
Request Chain 852
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b1e30950-dec4-41f2-a0bb-8189deea1c8d&expires=1&user_group=2&ssp=openx&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Request Chain 853
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
Request Chain 855
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 856
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 861
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 862
  • https://ums.acuityplatform.com/tum?umid=27&uid=G03niPZH5lRXKpa0QfmyLxxR&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=791276946469
Request Chain 863
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 864
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 865
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1718303100 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0fd146a2-2ce7-4bf7-884c-487b3aa91b71 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 866
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598377302679827463&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Request Chain 867
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 868
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 869
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 870
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 871
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 873
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Request Chain 876
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 877
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Request Chain 878
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 879
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 881
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=815516820 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0fd146a2-2ce7-4bf7-884c-487b3aa91b71 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 882
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598377302679827463&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Request Chain 883
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 884
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 885
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 886
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 887
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 889
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Request Chain 890
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 891
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6790614616 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0fd146a2-2ce7-4bf7-884c-487b3aa91b71 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 893
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Request Chain 894
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 895
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 896
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Request Chain 897
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 898
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Request Chain 899
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 900
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=6c8b0ba5-a158-47ce-9300-413aabcb94d3&ssp=fmx&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Request Chain 934
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Request Chain 935
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 936
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740938&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Request Chain 938
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72c3717f-b617-4d42-b055-11bad514223e&expiration=1718552138
Request Chain 940
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADU507JGQMAACEM6-pGFA&expiration=1688139338
Request Chain 941
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521738
Request Chain 947
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Request Chain 948
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 950
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
Request Chain 951
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139338
Request Chain 952
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 953
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2359921639606788299
Request Chain 954
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_ab31e695ed944bb18bfef
Request Chain 956
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Request Chain 957
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Request Chain 958
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Request Chain 960
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZIyBQpGLLvl3l6QCbO.IfgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662098136136277
Request Chain 961
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
Request Chain 962
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Request Chain 963
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=qJTDG1a51Qabu95
Request Chain 968
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=aae1245d-b3cd-417d-b508-3ce0a992eebb HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662098136136277
Request Chain 969
  • https://sync.1rx.io/usersync/openx/30ec4582-5d07-4a88-92be-dbeffdf45afb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 970
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADU507JGQMAACEM6-pGFA
Request Chain 973
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=dd3a185d-8a35-4ef9-989d-689aebe82e80&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
Request Chain 974
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_fd44b766-95e6-4dc7-ade2-541e494039d6
Request Chain 975
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=648C81483D38189FC8FCFE9FBLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D648C81483D38189FC8FCFE9FBLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=648C81483D38189FC8FCFE9FBLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
Request Chain 976
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=385d59879c691492&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-lQNoCT18AAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
Request Chain 977
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7402161381191044652&uid=Q7402161381191044652&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161381191044652
Request Chain 979
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=dd3a185d-8a35-4ef9-989d-689aebe82e80&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
Request Chain 980
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_a5d78291-c900-41d3-8719-58de46375dc1
Request Chain 981
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=648C81483D38189FC8FCFE9FBLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D648C81483D38189FC8FCFE9FBLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=648C81483D38189FC8FCFE9FBLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
Request Chain 982
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1d28d45562732171&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-mQNaU8nfAAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
Request Chain 983
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7402161382137559395&uid=Q7402161382137559395&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161382137559395
Request Chain 989
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk
Request Chain 990
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 991
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Request Chain 992
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Request Chain 993
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qJTDG1a51Qabu95&gdpr=0&gdpr_consent=
Request Chain 994
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791276946469
Request Chain 995
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=72c3717f-b617-4d42-b055-11bad514223e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Request Chain 996
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Request Chain 998
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=3812646979 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/2e5f648c-8142-4e00-a92d-af87705ce1c9?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 999
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 1000
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mmXYKf62ARWWNDIrS4GMZA
Request Chain 1002
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=99c0a2ba-c407-4d71-a929-c4a35950d27a
Request Chain 1005
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7402161381508317360&uid=Q7402161381508317360&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7402161381508317360
Request Chain 1006
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3&gdpr=0&gdpr_consent=
Request Chain 1008
  • https://idsync.rlcdn.com/712188.gif?partner_uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f61c2a86-ebf5-4e83-9d2a-02f462d7775f
Request Chain 1012
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3Dbb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A652393035817929802&exchange=685&ssp=pubmatic&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A652393035817929802&expires=5&ssp=pubmatic&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 1014
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_1045D5232_63F18A3A&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 1015
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Request Chain 1016
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7257672098865546847
Request Chain 1017
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7868782405983581932
Request Chain 1018
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fdf26f3f-e4c8-431b-918b-1bd66ba6ecf2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1020
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADU507JGQMAACEM6-pGFA
Request Chain 1021
  • https://pixel.advertising.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
Request Chain 1022
  • https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-h6oDHolE2uEKi0eMqoKCtbI33_dPGmCPxfnBZ.E-~A&gdpr=0
Request Chain 1023
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7868782405983581932&gdpr=0&gdpr_consent=
Request Chain 1024
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Request Chain 1025
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=edf39634-495a-42b3-acef-0zz1686929731 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drichaudience%26bsw_param%3Dbb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9&expires=30&ssp=richaudience&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_ps=
Request Chain 1068
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=730552b0-0c5b-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Request Chain 1069
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://a.audrte.com/p
Request Chain 1076
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1077
  • https://pixel.onaudience.com/?partner=214&mapped=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4ec1a240fec5b88db6be9a8402e11d6e&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-N8uQ6rVE2pRwyaUOYeRPZKqFvibjb7FGCw--~A&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=ef5199e1bacefaba HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
Request Chain 1078
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHCb7TFGpav6EcqvARDhWxU&google_cver=1
Request Chain 1118
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=lkOSvXxVekpMV0Ztdndqb3VXdXVEbjI4RlFDZWRuTldVOEF1NjhUUTVxVzNiYXYxWlVTcXpIRlQwS2Fpa09qVzdSSkg2NHVhaE5RNzhoaTNicGdxT3ozWkdUTzZqZmRoNzAveXNFQU9YNzdBVjRmVFdjaldqM2JRRys2SnN1RVhJWkVHd05wazNvZ0VHRS9HdU5CRFZDUzJFTWNzeFc0YmtjME56NnBjT1I4blpUMCtNL1ZjMExSRnlBZTR2U0FYR2FsUWVEY3ltQTBVQ1FHc0RxUWprK1BVSEMzeEw3cmxSN3hqb1RDanRsRzFCV2F5NlFjT1JsT20yWnFiQTI4a3pBa3NpM3R0cVlreDRoOVo0UXN3Uk12NnJGcTBxeUxGT0FYdlVaNWdDWnhSV2ovdz18&cppv=2
Request Chain 1119
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=4557VXxkNGdVSG9PQ0hrM1dpZjVHclIzbFc4bkxab1g2RkFWSU1YUjd3cW9hNElkV0Y0ZGlXVGd2TTBiYjZ0UHVRdElmU2cvb2ltUm05Rlp5U0pzWVozMk8wNWtLZ3EvbWp2aGhMUldTenFOT3FZbnYzRklFQnE3QTNLTlR3VnRqakFDRjBLb0xpdmxtZDZadjNLZWx1RzBObC9rekpHM2FPSVNCMUEvZk9lcWhSNnppNFdreFJZZ1I5aS9GQmdLd2FSSHl0RHpZQmh2Mjk4Y0dUa3pQUzBuaCt3a3pMa3NqUmF5YkREaEYvWUs3Vk03Z0ozYVZNSUhvc1paMDlsanc5a2RLMEc5Tzc1TmdHRVdzV2w2N0NJWXAvTzBDL3VVTG9iaGlMaVRUNytMaTFXWT18&cppv=2
Request Chain 1121
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2UyjoXwrSkVUcGlDdzJTbGtPaGM4bFV2eERHUm54enlPMFkyQnJhbGIyMjdxOWVuTlBsUjBDQlA0RWlxVlM1eGM2V2ZwNmxuT2FwT2RGb3pncVNGL29RZ0hRWjhvUlNvaEZZMllaZUs0RXlyNkd5Qk54M2M1bDhkYU5NZlhSTTZWS0xBQmRqQ2szNWpadERDQzZXTlpNZkgydXZvUHgzSCs1UUxsa3ZxVXpqQUc0WFdjVy9kdzlyeU54TFZ2MnQzempNdFdxTTFiRWRNNUJpVkI0UEZhbWw4T0N4NjUwZW9wT2tNeWNYOEN2VVNWOGFmNTF0UTNmNkpiSTE1d2QwNW1WYzl5OFliOEVOVWdVRDVueEhUU3haUmR2T2lQcWlpRkVodVpsMy9BNjFzQy9HUT18&cppv=2
Request Chain 1122
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=GO0IPHxlM0hTa2pSZkFFTk1MWElEbEFtTC8yMHR1dFAzM3VYUHlTV0dMRXB4aXNTVHJnMWNhYmwvZnZhMlZpekVMWnc0UTVWUGdkRmZER0xlT3FuYm1YVFlxeFhQM0ZKd3lOOE9sOHhJeUNYK0p2Q0svKzBMM3FNQU5ueW4vRkE5SjNOTnRnTGZXRk9mWUd0dFQwdHRQaFhHOUZPZlFrOTFxWG5uZ3VFd2tyK1IybXBWeHU0UDI1UjdpOUtqTC9KbWhzQW5mbDJCbkF2Wk43c2V4UGJZaTlGU2R4OUVmaTF0bERvNGp2R3FqSytwQlg3bmlDQXR0SDNHZGVkRzZoajlIWEJnV3d1bG56eUhlRi8xRHB0dVBsdHRuNGFMVENhdTVJZlV1bndvM2szYk5JST18&cppv=2
Request Chain 1123
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kt2adXxBelY5NDdFWEUwMlBGaGJPOUtENDQxUE1ZZGJUeitQbWo4NGxUMGxLa2V3TGw3RDU4Rlk3bG1CYk9IbDU4bW9zR0dERjh6YUxFcnpOOG1PZ0xtcXNORmtZWkpYRHdDZ0RBMEkvRkNpZXJ6bTZWU3YzeFAyRE9zQ2UrY25mWnZnMGx4RU5RTG5kQXRlOUU4VWY1OUg3djdXaXJvV3p4SURISDg1YzJoVm9NTU5ON2pzbVdqSWMxbkRMQmJPdVRiSXhlM3M3QndXSy9yWVY2NzRVQUd2Z1dtZTBDVTlmSjUwREpFNFR3TG1TeGZqRHdRcXQ1R0o4S3VGMXo5b2NLblNpN3dKV2h0UUswRWhyckx6SkN0c0lWcmlBYlNDdVdybGd3OWtFd0ZHY1dKTT18&cppv=2
Request Chain 1124
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=8KBj9nxWcVl5d0RBc0k3K3k2MTlaWUFONVk0eVc4RFgwZlhaaVU4RWhWd0l6M2JVRWRxSXdjRmpxbHpsbXBlVzAwTFZ4UkJXNkRWMzFWUnhQM2xtWGlBcU11by9NZDZDNEFvbGVjVFJYSHlsK2l2R09sdGJTS3M0Z0swTm9yWEpubW42R2tMYnMxNS9hdEZKRVd4SUlNM0Z5UnQ2SHZ1U0hVeEpDeTBGdllpUEpSaVBrNGIvWXFVcVJ3N1RVSWo0ZlFyRU5XUGJncTNqZGdBb2tiTi9tL2VmY056NHRKZVJuaWpKcmRUY2YyZ0pmRUZzWFM1U1RBUVZacXlvTFFSWjdMRTJTRCtCZzYwS0tnWWc1ZmQ0U0loQ1ZIRnY4RFFhR2UzTVUxWUp4VDVNRWtFYz18&cppv=2
Request Chain 1126
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=v3Lb13xNbEhLRWxseXptdDV2cWJBNFc3QXZ4RDFaZy8yOFEwVFdIQ2FmY2tlYkg1andxeloyQ3E2QnlnWGxVbjhWQUpWVDUrN0JjK3l0VG9id3JNdU1TdUo5Q0dGWkNMOEdBb0pONWRyclo4MWZXSWR1NmZZS2ZMRU9vM29PcG4vVUlRUFlOVkZMckhyd1ZRZ1pQZE1yL2QvWnMrVkF1b3JGN2RYcGliZ0tVVm1XNzZPTVZ0ck9LYm5JNmZ1UFE4dkxMc29MSGJQd0JpRG83ODFPWG1lZDZ6MzhzNU82MDNVNjVZc05QdDRSV1d1bTR4Z3AvU29sWFQ3USt6ZDR0TGJmU0NMK3NBMTk4UTUrRDJIYjV2TFpPeUM1U1FXakhvcUR0TGg0SnZ1Q0pnTm5UWT18&cppv=2
Request Chain 1136
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dicio.com.br&sn=ChromeSyncframe&so=3&topUrl=www.dicio.com.br&bundle=oxXwFF8wZVNMcVRWM29TSzElMkJreHlpT0pLMyUyRkdMNDlpS2phNmxVZnclMkJyZndHSTU2VFFmT3ZOc2R0aVpLVkkxSHlwNTNLZU0zOTNJTDE5MXk1TFFPUms0VWdJT0JlYm9hSXd1S1VsRkdzTG9telVxeDY1WWhsOUZZSGFkandIaGRtTjNJdWMlMkY5WHk1OFhVemFVZVBtJTJCbU9oJTJCb2clM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=CGgoQHwxQ1NWQjloWkx5Y0NMd3MrZFkxdlVOOUIvSE82TVhIV3FET3NuZitqWDVsaDBjMldzWjlkUDh5OGRoTHRvREtGOEI4dWdOMGc4ZkJtWUNJTUNCZzl0bXNoVVd2UXVJV015RThzaGJjdnJGWnk1UVE3eTZZbkxNMXIxRjNSckFPYzVjVjBxd2orQktodmdQUnVqQW5xWnVKYnVQUnpYWVRnOW5NaytrSUExbmhEZXFKU1ZwTUE1TFd4T1VlUGh1Qmg4c0VLSjU3VzlFN3h3Qk1uaDNiRUNFdXNhOUtrWE9WMFFvcXhBSUhOWU5FaXRNOFFsVklQOURrTWUySlkxQmJMVjB6TWxmZjA3OGRLYS9xM2NGcTdtS2VzRjBBa0ZXalovSk5lVEllWjBRST18&cppv=2
Request Chain 1146
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CB8B5CD72AA146ADB51C8E65C034674A&RedC=c.clarity.ms&MXFR=293BA8798CB467CB1FC8BB4B88B469BC HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8B5CD72AA146ADB51C8E65C034674A&MUID=2F0E8CB093976AEC0F079F8292AC6B48
Request Chain 1170
  • https://ad.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID} HTTP 302
  • https://sync.hhkld.com/tools/sync?dsp=53&uid=81322635-d407-41c6-90b3-06c576eb4a0a
Request Chain 1171
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID HTTP 307
  • https://sync.hhkld.com/tools/sync?dsp=38&uid=G03niPZH5lRXKpa0QfmyLxxR
Request Chain 1172
  • https://ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.hhkld.com/tools/sync?dsp=39&uid=390b2ebc-ea19-52a7-bbfd-32fcdf71b3ac
Request Chain 1178
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=adnxs&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=7868782405983581932 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7868782405983581932
Request Chain 1179
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Request Chain 1180
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a
Request Chain 1183
  • https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dcolossus%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=colossus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=[UID]
Request Chain 1184
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
Request Chain 1187
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%23PMUID HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=pubmatic&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Request Chain 1189
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TTMIVSUQUSNMJWVA5LJGRAXASTXGJZFO HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TTMIVSUQUSNMJWVA5LJGRAXASTXGJZFO HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=NlEeHRMbmPui4ApJw2rW
Request Chain 1190
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO.IfgAA%26470&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0b1c547c-78c1-45ca-9998-35342ea02e2e-tuctb8606d0
Request Chain 1191
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Request Chain 1196
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
Request Chain 1197
  • https://cookies.nextmillmedia.com/setuid?bidder=ix&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZIyBQpGLLvl3l6QCbO.IfgAA&470
Request Chain 1200
  • https://csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP 307
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gdpr_consent=null&gdpr=0 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a
Request Chain 1211
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&khaos=LIYQEMLE-B-GF3X HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LIYQEMLE-B-GF3X
Request Chain 1212
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 1213
  • https://ssc-cms.33across.com/ps/?_=1686929744280.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X HTTP 302
  • https://cookies.nextmillmedia.com/setuid?bidder=33across&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=212187031499720 HTTP 302
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212187031499720
Request Chain 1214
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968625788307119378&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=bb6b4e3f-4d9a-4ab2-b007-b89982032e12 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1215
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686929744280.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
Request Chain 1216
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-LmZFsfBE2uH3puVr1QHD6lVwV0PTAbsw~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LmZFsfBE2uH3puVr1QHD6lVwV0PTAbsw%7EA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1217
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=24fdf3d903c62171&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAL4YDdFTF5mwMvHYOBAAAAAAA&expiration=1687016145&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL4YDdFTF5mwMvHYOBAAAAAAA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1218
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4184420296987606615158 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4184420296987606615158&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1226
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=81020194579 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=81020194579&google_gid=CAESEG1pufovCUzVXSwehdzJvo8&google_cver=1
Request Chain 1227
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=2e5f648c-8142-4e00-a92d-af87705ce1c9
Request Chain 1228
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 1232
  • https://id.a-mx.com/usync?uid=&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/cchain/0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F3%252F612%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D93fed4af-5152-47ef-a11a-60faf652f29e%2526bidder%253Dpubmatic%2526cbx%253D%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F612%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dpubmatic%26cbx%3D%26uid%3D9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://prebid.a-mo.net/cchain/3/612?gdpr=&gdpr_consent=&us_privacy=&A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=pubmatic&cbx=&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=93fed4af-5152-47ef-a11a-60faf652f29e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-IKK08Wdf46y7WAwGojCtqSyz0tTeN84BpIf8Ng&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1233
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=93fed4af-5152-47ef-a11a-60faf652f29e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadaptmx%26user_id%3D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%252526ssp%25253Dadaptmx%252526user_id%25253D%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7868782405983581932&pt=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dadaptmx%2526user_id%253D%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=adaptmx&user_id= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1234
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=93fed4af-5152-47ef-a11a-60faf652f29e HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r.o1VYBE2uEg0FNoABcfBNXDIFVHfwm.z4Oeqr0-~A&gdpr=0
Request Chain 1235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LIYQEMLE-B-GF3X&gdpr=0
Request Chain 1236
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=adform&uid=7257672098865546847
Request Chain 1237
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=smartadserver&uid=9195223259748919252
Request Chain 1238
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D93fed4af-5152-47ef-a11a-60faf652f29e%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dpubmatic%26uid%3D9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246 HTTP 302
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Request Chain 1239
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=index_rtb&uid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Request Chain 1240
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=sovrn&uid=G03niPZH5lRXKpa0QfmyLxxR
Request Chain 1241
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=appnexus&uid=7868782405983581932
Request Chain 1245
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LIYQEMLE-B-GF3X HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LIYQEMLE-B-GF3X HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIYQEMLE-B-GF3X&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1280
  • https://gcdn.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2EDB0CD80F2EF0AC5EA0267D24F5FF22EBE418E5.179FC910728CEE785FBF2357F2E56E81827887EE/key/ck2/file/file.mp4?cpn=Bk4n69YSOADNWqPt HTTP 302
  • https://r4---sn-t0a7lnee.c.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EF671F55E10704C2157258E565AD5501715F2B0.08E3B1EFF3AF44E56E87314F8F8E0D6133B1B6FA/key/cms1/cms_redirect/yes/mh/EG/mip/2607:5300:60:7867::12/mm/42/mn/sn-t0a7lnee/ms/onc/mt/1686928860/mv/m/mvi/4/pl/32?cpn=Bk4n69YSOADNWqPt&file=file.mp4
Request Chain 1285
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=a425a098-1bfe-4b7f-a07b-d43deddfff0a
Request Chain 1313
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dicio.com.br%2F&domain=www.dicio.com.br&bundle=jLIdpV8wZVNMcVRWM29TSzElMkJreHlpT0pLMzBDMTBBb2o0dHBoOFhlMEM5ZmxEWlBHaGdWZGYlMkY0dDg4dTZyeGJqRktqM0ZaYjQ5MG5sQTB2TEZPbkt1NDhDY0lTVHV3S2x6bEo0T1RsdVowb0hyM2NZVk14R1pvbmdOOUZmQmk1UVJTVFd2UmhJRGglMkY5JTJCcndnRElmSmZGSU1UQSUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=P7ghTXxvd1RvcVM2WWExYkxmQVhqMjdWaUYvQmlVVnVYZ0Q2VksvcjM5dlFWeWxJN25FMjNXeVpFOGhGVm41M2laZkZGOEJhbHBOZ0lOeGlNWDloUEZyYjBlK3pYNHRzVzd5QlNveVNQNnlvOHJ0L0RWeDY4OFFHcUpXSCs5NDBRWDZoU0dRM3J4OVZ0TFZJTTR5bmZaVDJNOEtRNnV0bnpvOEZiVjh4dmszUElVbmppTFY1TzRvRlZqb2Z2M3A0d3pJK3NCOXNTM1NsMGNmSC9HWHRxREU3aFdFRG0wTWdncDI0Q3dNYml6bWliQUEyUWRZZ3c3MnpON3VSV2htZ1BQdVZFUisyWElvOWt6RUs1ZVRHbHJpTHlVU3lsQ25OUTBiRjVNTUdFbFo4dTFiOD18&cppv=2
Request Chain 1334
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 1335
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Drkt%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3299313301455264000V10&type=rkt&refUrl=&vid=69297505893299313301455264000V10&ovsid=968625788307119378
Request Chain 1337
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=son&refUrl=&vid=69297505893299313301455264000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=son&refUrl=&vid=69297505893299313301455264000V10&ovsid=c8bca416-9819-4d74-acf4-00ac86ff7171
Request Chain 1338
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dr1%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005&rndcb=7190004661 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7257672098865546847&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/bb6b4e3f-4d9a-4ab2-b007-b89982032e12?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dr1%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297505893299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 1339
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI5OTMxMzMwMTQ1NTI2NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-LngOrBPwaVSFJlRvUNCM&google_cver=1
Request Chain 1340
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=dxu&refUrl=&vid=69297505893299313301455264000V10&ovsid=qJTDG1a51Qabu95
Request Chain 1341
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788
Request Chain 1342
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=6c8b0ba5-a158-47ce-9300-413aabcb94d3&ssp=medianet&gdpr=0 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 1343
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dzem%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKONRCWKSCSJVRG2UDVNE2EC4CKO4ZHEV3IOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU3DSMRZG42TANJYHEZTEOJZGMYTGMZQGE2DKNJSGY2DAMBQKYYTAJTWONUWIPJTGI4TSMZRGMZTAMJUGU2TENRUGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKONRCWKSCSJVRG2UDVNE2EC4CKO4ZHEV3IOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHU3DSMRZG42TANJYHEZTEOJZGMYTGMZQGE2DKNJSGY2DAMBQKYYTAJTWONUWIPJTGI4TSMZRGMZTAMJUGU2TENRUGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297505893299313301455264000V10&vsid=3299313301455264000V10
Request Chain 1344
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3299313301455264000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&cs=1
Request Chain 1345
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Request Chain 1355
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LIYQEMLE-B-GF3X HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIYQEMLE-B-GF3X
Request Chain 1361
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dcon%26refUrl%3D%26vid%3D69297518423299313301455264000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7c785bdf30f22171&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dcon%26refUrl%3D%26vid%3D69297518423299313301455264000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=con&refUrl=&vid=69297518423299313301455264000V10&ovsid=AAAMtwV-0PnsEgM47SSRAAAAAAA&expiration=1687016151&is_secure=true
Request Chain 1362
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dr1%26refUrl%3D%26vid%3D69297518423299313301455264000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=5057630732 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LIYQEMLE-B-GF3X HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dr1%26refUrl%3D%26vid%3D69297518423299313301455264000V10%26ovsid%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297518423299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Request Chain 1363
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dzem%26refUrl%3D%26vid%3D69297518423299313301455264000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKONRCWKSCSJVRG2UDVNE2EC4CKO4ZHEV3IOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBTGUTG65TTNFSD2X27LJKUSRC7L4THEZLGKVZGYPJGOR4XAZJ5PJSW2JTUPFYGKPL2MVWSM5TJMQ6TMOJSHE3TKMJYGQZDGMRZHEZTCMZTGAYTINJVGI3DIMBQGBLDCMBGOZZWSZB5GMZDSOJTGEZTGMBRGQ2TKMRWGQYDAMCWGEYA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKONRCWKSCSJVRG2UDVNE2EC4CKO4ZHEV3IOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBTGUTG65TTNFSD2X27LJKUSRC7L4THEZLGKVZGYPJGOR4XAZJ5PJSW2JTUPFYGKPL2MVWSM5TJMQ6TMOJSHE3TKMJYGQZDGMRZHEZTCMZTGAYTINJVGI3DIMBQGBLDCMBGOZZWSZB5GMZDSOJTGEZTGMBRGQ2TKMRWGQYDAMCWGEYA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297518423299313301455264000V10&vsid=3299313301455264000V10
Request Chain 1364
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=X6eQx8cX9MYIG3v0sS6B&pi=medianet

1381 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dicio.com.br/
Redirect Chain
  • http://dicio.com.br/
  • https://dicio.com.br/
  • https://www.dicio.com.br/
127 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
cf409ae020e1f1cfe3b71a77c037f5d7e35de67c2f7801738bc69fde46c5031c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=7200
content-encoding
gzip
content-length
27405
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:27 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

content-length
178
content-type
text/html
date
Fri, 16 Jun 2023 15:35:27 GMT
location
https://www.dicio.com.br/
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-frame-options
DENY
roboto-regular-critical.e46177b21b27cd6643c5e35f7262b3e0.woff2
static.dicio.com.br/assets/dist/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/fonts/roboto-regular-critical.e46177b21b27cd6643c5e35f7262b3e0.woff2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
Origin
https://www.dicio.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Mon, 15 May 2023 15:25:11 GMT
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
885
cdn-cachedat
04/15/2023 15:25:11
cdn-pullzone
107995
content-length
14584
last-modified
Tue, 22 Nov 2022 11:31:32 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
206
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=2592000
x-server
CA.D
cdn-requestid
e8dc2cf84632c7625163d2f6e4bc1b15
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
barlow-v11-latin-700-critical.dd5b2912dbf896310865c1e9ac85ab41.woff2
static.dicio.com.br/assets/dist/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/fonts/barlow-v11-latin-700-critical.dd5b2912dbf896310865c1e9ac85ab41.woff2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
Origin
https://www.dicio.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Mon, 15 May 2023 15:25:11 GMT
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
885
cdn-cachedat
04/15/2023 15:25:11
cdn-pullzone
107995
content-length
21724
last-modified
Tue, 22 Nov 2022 11:31:32 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
206
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=2592000
x-server
CA.D
cdn-requestid
a9fffaf5fb77e99f71cf3a8f8b09876b
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
auto-complete.min.js
cdnjs.cloudflare.com/ajax/libs/JavaScript-autoComplete/1.0.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/JavaScript-autoComplete/1.0.4/auto-complete.min.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4893f6fe507b28a67a8375af655c8d75d9acca594323a1be48941c3ffc835501
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2141687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1618
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-14cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFGm%2Bd5jhBX8xyxnbloDsb7LkcmDjJF8v7Eu3gwTDodKV4JG7gAFVsgOirgGpNo0fWrY%2BefEHhoHkyxI%2BBiU6CZKSO%2BrMMW8bgXVvmLWyfXqRahhjIRiLsFrxdrsBJF2Bjmx3m6G%2F0cmgTipzikuPGbk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d841f6f6e4c4bb9-YUL
expires
Wed, 05 Jun 2024 15:35:27 GMT
main.d566eae4ad9634ed2497.css
static.dicio.com.br/assets/dist/css/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/css/main.d566eae4ad9634ed2497.css
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
68f2d0ea1ba557aa31571abdffb38026e17c80bf65f607ad6863dc2aa54c3dd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/29/2023 11:01:45
cdn-pullzone
107995
last-modified
Mon, 29 May 2023 10:59:18 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
max-age=31536000
x-server
CA.D
cdn-requestid
5980196dd0ad266d18c87b432f603977
cdn-requestcountrycode
CA
cdn-status
200
expires
Tue, 28 May 2024 11:01:45 GMT
main.d566eae4ad9634ed2497.js
static.dicio.com.br/assets/dist/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/js/main.d566eae4ad9634ed2497.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
9fbafc2045776dc4b6af73ee4e94c969a485df91335d7c6fe1d433440a831ecb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/29/2023 11:01:45
cdn-pullzone
107995
last-modified
Mon, 29 May 2023 10:59:18 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
max-age=31536000
x-server
CA.D
cdn-requestid
200d51e4832e0985e699b07a31f20fce
cdn-requestcountrycode
CA
cdn-status
200
expires
Tue, 28 May 2024 11:01:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34d8c5cecdb4a16f26b60baf2512637e3823cf81bb4e423ac51a8c5a1c6705b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25336
x-xss-protection
0
server
cafe
etag
957 / 19524 / m202306080201 / config-hash: 10714554489475813448
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:28 GMT
logo-big-k-new.png
static.dicio.com.br/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/img/logo-big-k-new.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
bdd77490b07d38dc1c88321bd2c492b4e04e7da59fb98ba6686534535c42f467

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
914
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:17:14
cdn-pullzone
107995
content-length
1098
x-bo-server
ASB-167
last-modified
Mon, 01 Aug 2022 14:17:14 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
0%
cdn-requestid
c20d417a183c00119e82bea04bd0d504
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
v0.js
cdn.7gra.us/wc/sg-speech-button/ 		247 B
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.7gra.us/wc/sg-speech-button/v0.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
f281dda9522c7411d2a432736b61325c2245c1641f13cff271de87ca65d86a54

Request headers

Referer
https://www.dicio.com.br/
Origin
https://www.dicio.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-storageserver
NY-430
cdn-cachedat
05/15/2023 16:40:12
cdn-pullzone
107975
last-modified
Tue, 06 Dec 2022 18:05:33 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
268
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"638f846d-f7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
968433adb231755902ab10cbdb43215b
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
palavras-antigas-que-quase-ninguem-lembra-ac1.jpg
static.dicio.com.br/upload/pa/la/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/upload/pa/la/palavras-antigas-que-quase-ninguem-lembra-ac1.jpg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
449471f17bf899b717f7e44cc4f521069842baf0e87faa375903fd9f52d8fbe5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
5512
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
05/24/2023 10:20:12
cdn-pullzone
107995
content-length
2484
x-bo-server
ASB-203
last-modified
Wed, 24 May 2023 10:20:12 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
15
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
54.93%
cdn-requestid
08578df783ef256564faef917398e1c0
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
animal-com-f-ac1.jpg
static.dicio.com.br/upload/an/im/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/upload/an/im/animal-com-f-ac1.jpg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
3a587fc5c9ec94f0e51d66275ae8c23f32d249476f688571faf7d95d0149a6de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
8969
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:10:51
cdn-pullzone
107995
content-length
4732
x-bo-server
ASB-175
last-modified
Mon, 01 Aug 2022 14:10:51 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
47.24%
cdn-requestid
619c0a0a4cd67d931764642989b665cd
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
1656437390ic62bb3a8e8b00e-ac1.jpg
static.dicio.com.br/upload/16/56/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/upload/16/56/1656437390ic62bb3a8e8b00e-ac1.jpg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
38e47077d2563f74bcfab705fe9783a961370ef5309d104cc44b5b09d50d9cda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
13161
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:11:29
cdn-pullzone
107995
content-length
9148
x-bo-server
ASB-171
last-modified
Mon, 01 Aug 2022 14:11:29 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
30.49%
cdn-requestid
ed432398c3a3b97dbd3eda7c8198c578
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
palavras-dificeis-para-o-jogo-da-forca-ac1.jpg
static.dicio.com.br/upload/pa/la/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/upload/pa/la/palavras-dificeis-para-o-jogo-da-forca-ac1.jpg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
faae8db54cb4a26cc96fa02a9ab70331ce1e00549c8b5a0f18d15b0f308c57ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
5139
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:10:51
cdn-pullzone
107995
content-length
1902
x-bo-server
ASB-195
last-modified
Mon, 01 Aug 2022 14:10:51 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
62.99%
cdn-requestid
9f3c76c77a6c29f06a3f5ae0cbff83bd
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
animal-com-x-ac1.jpg
static.dicio.com.br/upload/an/im/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/upload/an/im/animal-com-x-ac1.jpg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
064e394cc037577d0e56cd65cc9569802b3810d5808d1eeae17e3f61e1f80392

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
6036
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:17:15
cdn-pullzone
107995
content-length
2724
x-bo-server
ASB-178
last-modified
Mon, 01 Aug 2022 14:17:15 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
54.87%
cdn-requestid
d76d928ef0fc7d766d904ed9b3ef94fc
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
animal-com-t-ac1.jpg
static.dicio.com.br/upload/an/im/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/upload/an/im/animal-com-t-ac1.jpg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
864701b265961a7b15119944bb9d5d5a57ee6bc30119f4c4df897b5d30945029

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
13951
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:17:15
cdn-pullzone
107995
content-length
9610
x-bo-server
ASB-194
last-modified
Mon, 01 Aug 2022 14:17:15 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
31.12%
cdn-requestid
ce5e2bb082c46979d5a8c010487635fb
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
cata-letras-bg.png
static.dicio.com.br/img/cata_letras/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/img/cata_letras/cata-letras-bg.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
23fd6ea034fecb090846c7ca61310f40ba527af903e47791f4303d5a7026308e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
2574
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
08/01/2022 14:17:15
cdn-pullzone
107995
content-length
5274
x-bo-server
ASB-203
last-modified
Mon, 01 Aug 2022 14:17:15 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.02
cdn-requestpullcode
200
x-bo-origindownloadtime
18
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
0%
cdn-requestid
2dd2ae57085f047b4946c89a73f444fb
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
loja-dicio-bg.png
static.dicio.com.br/img/loja_dicio/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/img/loja_dicio/loja-dicio-bg.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
b20b92dffa04e80f6aa3c5daebafc73d5cfcd13bb2d2320ed48cd46f11e74cb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
16098
cdn-edgestorageid
885
x-bo-processingtime
1
cdn-cachedat
01/23/2023 05:31:34
cdn-pullzone
107995
content-length
7680
x-bo-server
ASB-205
last-modified
Mon, 23 Jan 2023 05:31:34 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
29
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
52.29%
cdn-requestid
7447ee528b07377a65ffe5fed48bf23b
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
yt-bg.png
www.dicio.com.br/img/yt/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dicio.com.br/img/yt/yt-bg.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
231699bf226c321fcd39d085e8be7b2c45c92e96569259c9452a2151742bb9a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 14:15:32 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5600
yt-thumb.png
www.dicio.com.br/img/yt/ 		226 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dicio.com.br/img/yt/yt-thumb.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
8e054c57d7e1e1ca11a3c59ca7d6fb43544db858db17ae01dde98637e6f796f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 26 Apr 2022 14:15:32 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
226
logo-footer-color.png
static.dicio.com.br/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/img/logo-footer-color.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
96f75f8287d0306eb57a4f978fd2835e8022948c8e1cc6eee6630d8d2807d5e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
1703
cdn-edgestorageid
885
x-bo-processingtime
0
cdn-cachedat
01/19/2023 10:46:16
cdn-pullzone
107995
content-length
3294
x-bo-server
ASB-203
last-modified
Thu, 19 Jan 2023 10:46:16 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
0
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
0%
cdn-requestid
e94e350624f28b5ec34967bbb71147c2
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
google-play-badge.png
www.dicio.com.br/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dicio.com.br/img/google-play-badge.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
3d4b659e27c251e557270cbec9154b5ca72b5b05aa1ad50937a599e3b2f99e2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Thu, 19 Jan 2023 10:22:56 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2575
app-store-badge.png
www.dicio.com.br/img/ 		991 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dicio.com.br/img/app-store-badge.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
c4247379c02128f5c400a378fe0251a1631628df124d10978f51b611579727cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Thu, 19 Jan 2023 10:22:56 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
991
v1
open.spotify.com/embed-podcast/iframe-api/ 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://open.spotify.com/embed-podcast/iframe-api/v1
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
37df906ae01012605d60ae564b044550679fa64b51f9c89510715e164e5fbdbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

sp-trace-id
77a9476ab38b7917
date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
print.d566eae4ad9634ed2497.css
static.dicio.com.br/assets/dist/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/css/print.d566eae4ad9634ed2497.css
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
7bd7466fe4624b8b506f1fc87ff5d034fc17d5724a5069a393e7075b7992a5d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/29/2023 11:01:45
cdn-pullzone
107995
last-modified
Mon, 29 May 2023 10:59:18 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
max-age=31536000
x-server
CA.D
cdn-requestid
4ccd6d9ba8d5db6ff41fa361d3ffce04
cdn-requestcountrycode
CA
cdn-status
200
expires
Tue, 28 May 2024 11:01:45 GMT
gtm.js
www.googletagmanager.com/ 		145 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8R4QNX
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
354ca49e10c36b836a810b94ea45f1798d408da3bd2087ba075238123751fa46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54835
x-xss-protection
0
last-modified
Fri, 16 Jun 2023 15:08:42 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jun 2023 15:35:28 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:16:24 GMT
content-encoding
gzip
via
1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 18:14:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, EWR52-C2
age
1145
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IqhTS_xG2konjf5nIMQMG2XWpEhHl5TQ657f727b2Bqs3LXI1WJWGA==
/
eu.7gra.us/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu.7gra.us/
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.229.192 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip192.ip-144-217-229.net
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
content-length
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
getSpotifyBgColorCode.php
www.dicio.com.br/widgets/ 		8 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.dicio.com.br/widgets/getSpotifyBgColorCode.php?t=show&i=1wqXAwYjxvnkJBLueeojy0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
ed3e25d283909f6bba05744969ba038e5472abd5cca209b063efe97fb5d1039e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
vary
Accept-Encoding, User-Agent
content-type
application/json
cache-control
max-age=0
accept-ranges
bytes
content-length
28
bg-about.png
www.dicio.com.br/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dicio.com.br/img/bg-about.png
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.102.18 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ca.d.7gra.us
Software
nginx /
Resource Hash
1656a4ae0ac2d0e26ae78b1a5c18e7169a29eaa58ee12050a7d4a3234f6515e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Thu, 19 Jan 2023 10:22:56 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7519
dicio.a0c0fef25820059e06f8cea8e0d563b2.woff2
static.dicio.com.br/assets/dist/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/fonts/dicio.a0c0fef25820059e06f8cea8e0d563b2.woff2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
906c899f697b3af009a90a6eea7f5d796d0532cc14761a5fc6986c5a732cb280
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
Origin
https://www.dicio.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Wed, 10 May 2023 21:46:49 GMT
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
885
cdn-cachedat
04/10/2023 21:46:49
cdn-pullzone
107995
content-length
4076
last-modified
Thu, 19 Jan 2023 10:22:56 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
206
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=2592000
x-server
CA.D
cdn-requestid
56cd8f8803ada757a151508a084b5289
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1wqXAwYjxvnkJBLueeojy0
open.spotify.com/embed/show/ Frame 2594 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
14a9cf34a9c6ff7b7952e58403a130918ffcc41fbab4f072032ff05243e4ffc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:28 GMT
server
envoy
sp-trace-id
b1c2232eb82e1355
strict-transport-security
max-age=31536000
vary
Accept-Encoding,Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
100
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 13:44:42 GMT
content-encoding
gzip
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
41601
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
hig5r-ZPBAnvXqYIsu_wdT4ktPdPlgHS-ffdeiOZA5c8Z4RNxEskbg==
embed-iframe-api-v1.317dcf3d.js
open.spotifycdn.com/cdn/build/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed-iframe-api-v1.317dcf3d.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/iframe-api/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ec043122391c112aa217282b49542d9ba6f45e7b9d5411657dfe054a8cb6994

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
698197
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10837
x-served-by
cache-chi-kigq8000096-CHI, cache-iad-kcgs7200095-IAD
last-modified
Fri, 26 May 2023 12:53:48 GMT
etag
"31d3e0429df3606e0e9782f4fc8fffe7"
x-goog-generation
1685105628088986
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
10837
accept-ranges
bytes
x-cache-hits
15838, 1
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dicio.com.br&pubid=031d2526-e3d7-48d3-94fd-8cec14da13e5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
ea0efdafd9030543e048a32e3dd9991fa78066196248811a19e4f1e3301688a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:13:13 GMT
via
1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
1334
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1638
x-amz-cf-id
ROuScBfa8zHWv8lGPDev8w4q_Eo_FwXtaD4CLKs4ze2MBdcptML4fg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
date
Fri, 16 Jun 2023 02:37:42 GMT
x-amz-cf-pop
EWR52-C2
age
46667
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
bbQoBJGGjzwpVTls269vOQerOHK2l59w_2rf8tw0-X9hCMPKcmKKyA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 23:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
56730
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128870
x-xss-protection
0
server
cafe
etag
11402592609364769902
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 23:49:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dicio.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ce5e30dad56d17a991fd56a91b53565a55497afee5597db8f7594631a483171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
598
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:28 GMT
v0.4.0.js
cdn.7gra.us/wc/sg-speech-button/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.7gra.us/wc/sg-speech-button/v0.4.0.js
Requested by
Host: cdn.7gra.us
URL: https://cdn.7gra.us/wc/sg-speech-button/v0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
0076e97cc888c0d88b4c0b237a85f81a6242e2ca5980cdeaa3aac2976f6c0b53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-storageserver
NY-266
cdn-cachedat
05/15/2023 16:40:13
cdn-pullzone
107975
last-modified
Tue, 06 Dec 2022 18:05:32 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
341
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"638f846c-7407"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
b2db4be7db97d27cf63c490eb018ac31
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
chunk~vendors~social.f461691a08f72a660261.js
static.dicio.com.br/assets/dist/js/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dicio.com.br/assets/dist/js/chunk~vendors~social.f461691a08f72a660261.js
Requested by
Host: static.dicio.com.br
URL: https://static.dicio.com.br/assets/dist/js/main.d566eae4ad9634ed2497.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
0a9be68816edc69de55fbddd12c082462305ee4377b06287b009b0fc0a539111
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
885
cdn-cachedat
05/29/2023 11:01:45
cdn-pullzone
107995
last-modified
Mon, 29 May 2023 10:59:18 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
max-age=31536000
x-server
CA.D
cdn-requestid
f489d81cc701e61702407100ff662099
cdn-requestcountrycode
CA
cdn-status
200
expires
Tue, 28 May 2024 11:01:45 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.2.2/lazysizes.min.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
Origin
https://www.dicio.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6128768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3119
last-modified
Wed, 27 May 2020 09:33:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ece33f7-1e5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5abcYXmBZnI00U0M%2FaWpd74q%2Fr0doREsgimuet2ADV9O%2FxQJ8prE936bbHAKvYnGuayXQTh8aQbsPIGoJ5uCHLcwC%2BgDGUxYBmDUrchIVcIFpfSY%2ByKA2VLefniC3zVWZAPV%2FL%2BlUz1IrMWGQNWzU6K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d841f719c854bd7-YUL
expires
Wed, 05 Jun 2024 15:35:28 GMT
bg-about-desktop.png
static.dicio.com.br/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/img/bg-about-desktop.png
Requested by
Host: static.dicio.com.br
URL: https://static.dicio.com.br/assets/dist/css/main.d566eae4ad9634ed2497.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
d3d23938e88490aae66cb7dcc4e91bca6cda76d568ddb89073c4394a0984c0f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.dicio.com.br/assets/dist/css/main.d566eae4ad9634ed2497.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
x-downloadsize
11979
cdn-edgestorageid
885
x-bo-processingtime
3
cdn-cachedat
04/19/2023 10:59:16
cdn-pullzone
107995
content-length
12876
x-bo-server
ASB-209
last-modified
Wed, 19 Apr 2023 10:59:16 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
16
content-type
image/webp
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
public, max-age=2592000
x-bo-compressionratio
0%
cdn-requestid
06fac0017e3f8d71d8c59f4c401951f3
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
loading.svg
static.dicio.com.br/assets/ 		508 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dicio.com.br/assets/loading.svg
Requested by
Host: static.dicio.com.br
URL: https://static.dicio.com.br/assets/dist/css/main.d566eae4ad9634ed2497.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
ab0b132840b1268c9e66406bb0cd68b2deb178b967df0b8012e64f3263054936
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.dicio.com.br/assets/dist/css/main.d566eae4ad9634ed2497.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cdn-edgestorageid
885
cdn-cachedat
04/17/2023 16:17:08
cdn-pullzone
107995
last-modified
Thu, 25 Jul 2019 15:46:57 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
206
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
c221a09b-1155-4dd2-93e0-7c4d2678fe80
cache-control
max-age=2592000
x-server
CA.D
cdn-requestid
447c9dd351e2d2624b50c58cacccd1ce
cdn-requestcountrycode
CA
cdn-status
200
expires
Wed, 17 May 2023 16:17:08 GMT
CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
encore.scdn.co/fonts/ Frame 2594 		82 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://encore.scdn.co/fonts/CircularSp-Book-4eaffdf96f4c6f984686e93d5d9cb325.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:28 GMT
Content-Encoding
gzip
Age
9962940
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
84027
X-Served-By
cache-chi-klot8100118-CHI, cache-iad-kcgs7200054-IAD
Last-Modified
Fri, 13 May 2022 11:38:51 GMT
ETag
"f7b12903dd7a2d536ceb2b7cd1dba2c1"
x-goog-generation
1652441931211351
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
84027
Accept-Ranges
bytes
X-Cache-Hits
221414, 42563
CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
encore.scdn.co/fonts/ Frame 2594 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://encore.scdn.co/fonts/CircularSp-Bold-fe1cfc14b7498b187c78fa72fb72d148.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:28 GMT
Content-Encoding
gzip
Age
24007764
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
89529
X-Served-By
cache-chi-klot8100163-CHI, cache-iad-kcgs7200041-IAD
Last-Modified
Fri, 13 May 2022 11:38:50 GMT
ETag
"216b12b5a9657850b1b324e158454f8e"
x-goog-generation
1652441930609707
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
89529
Accept-Ranges
bytes
X-Cache-Hits
1, 56011
CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
encore.scdn.co/fonts/ Frame 2594 		85 KB
86 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://encore.scdn.co/fonts/CircularSpTitle-Bold-2fbf72b606d7f0b0f771ea4956a8b4d6.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:28 GMT
Content-Encoding
gzip
Age
3212974
X-Cache
HIT, HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
87344
X-Served-By
cache-ord1746-ORD, cache-chi-klot8100110-CHI, cache-iad-kcgs7200151-IAD
Last-Modified
Thu, 19 May 2022 07:59:23 GMT
ETag
"db1a27b35e26398fef4be920ea96078d"
x-goog-generation
1652947162999500
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
87344
Accept-Ranges
bytes
X-Cache-Hits
1, 85171, 17400
CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
encore.scdn.co/fonts/ Frame 2594 		84 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://encore.scdn.co/fonts/CircularSpTitle-Black-3f9afb402080d53345ca1850226ca724.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c60fd01004a4b5f4997c54e3fed4e0a1080ae7c6c263af83fa7f4a0fff96c15

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:28 GMT
Content-Encoding
gzip
Age
14571078
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
85585
X-Served-By
cache-chi-kigq8000115-CHI, cache-iad-kcgs7200057-IAD
Last-Modified
Thu, 19 May 2022 07:59:22 GMT
ETag
"0e196bce574e01f42fc686e3e6dc4f76"
x-goog-generation
1652947162414027
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
x-goog-stored-content-length
85585
Accept-Ranges
bytes
X-Cache-Hits
241277, 54674
spoticon_regular_2.d728648c.woff2
open.spotifycdn.com/cdn/fonts/ Frame 2594 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
age
17302386
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
56996
x-served-by
cache-chi-klot8100082-CHI, cache-iad-kcgs7200087-IAD
last-modified
Mon, 28 Nov 2022 09:18:52 GMT
etag
"3b7bbfac9ed3e75d426728e900579aa9"
x-goog-generation
1669627132083473
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
56996
accept-ranges
bytes
x-cache-hits
121476, 11569
en.a45a9249.json
open.spotifycdn.com/cdn/generated-locales/embed/ Frame 2594 		3 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/generated-locales/embed/en.a45a9249.json
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a45a92497e75953ee457a60ca7d2fc6e3f8e2205b54f8b6ed7a149b7f1af498b

Request headers

Referer
https://open.spotify.com/
Origin
https://open.spotify.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
631542
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
889
x-served-by
cache-chi-kigq8000062-CHI, cache-iad-kcgs7200087-IAD
last-modified
Thu, 08 Jun 2023 12:11:30 GMT
etag
"227620928eea60fad8f89f30e0282c15"
x-goog-generation
1686226290088857
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
889
accept-ranges
bytes
x-cache-hits
35, 126
embed.6245f081.css
open.spotifycdn.com/cdn/build/embed/ Frame 2594 		121 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed/embed.6245f081.css
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60bdaa75527109a0f3925d8f8b28ececc9fb0e1e061dd5103c56c2e4cad4c553

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
782598
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16162
x-served-by
cache-chi-klot8100064-CHI, cache-iad-kcgs7200095-IAD
last-modified
Wed, 07 Jun 2023 14:08:17 GMT
etag
"646235ed357d40b7eded696e4843f2a1"
x-goog-generation
1686146897845224
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
16162
accept-ranges
bytes
x-cache-hits
3, 5022
vendor~embed.359598f4.css
open.spotifycdn.com/cdn/build/embed/ Frame 2594 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed/vendor~embed.359598f4.css
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
786e22f91df71cf586b793e30764448ac25401d9cc2173ee5c57b79cede0fa9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
5013918
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1047
x-served-by
cache-chi-klot8100109-CHI, cache-iad-kcgs7200095-IAD
last-modified
Wed, 19 Apr 2023 13:42:52 GMT
etag
"766c8201056b834ff771325062f0caf0"
x-goog-generation
1681911772140374
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
1047
accept-ranges
bytes
x-cache-hits
15, 4795
embed.40dfd0db.js
open.spotifycdn.com/cdn/build/embed/ Frame 2594 		204 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed/embed.40dfd0db.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
573e4c302c81c58e4e29df2a04835d38960208f50665eef4fc78d5d2a9031a00

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
4896
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53871
x-served-by
cache-chi-kigq8000118-CHI, cache-iad-kcgs7200095-IAD
last-modified
Fri, 16 Jun 2023 14:08:05 GMT
etag
"f86c55e2507527ad1d89530cf18351db"
x-goog-generation
1686924485949240
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
53871
accept-ranges
bytes
x-cache-hits
33, 143
vendor~embed.4a022388.js
open.spotifycdn.com/cdn/build/embed/ Frame 2594 		1 MB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Requested by
Host: open.spotify.com
URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7adad49d56c25875d1bbba55f11e7514eeb879e7621881c779642a1b4740d77e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
266355
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
312067
x-served-by
cache-chi-kigq8000035-CHI, cache-iad-kcgs7200095-IAD
last-modified
Tue, 13 Jun 2023 13:31:10 GMT
etag
"0c64f90dc9b4cd4db5bcac30f06a132b"
x-goog-generation
1686663070061974
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
312067
accept-ranges
bytes
x-cache-hits
41, 10
ats.js
ats.rlcdn.com/ 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-37.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
date
Thu, 15 Jun 2023 15:52:49 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
85359
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Nen2cRA2NPu0zWeI871F9Gd6ZowBaiP4VDq4MfIIAj5E8b6CxsSOhQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.39.253.208 Paris, France, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-39-253-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 16 Jun 2023 15:50:29 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
EA51M5YPH1XKBPMM
age
2686
etag
W/"bd84c027369eea0cf742a8ca6f03b75c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d841f734e8f5a1c-IAD
x-amz-id-2
sNDKhJ2OXra7aogQcWiTT5GIK/W34dWy6U5UHSoXsLysp82p1+9nuS+9ci3O3weOWlJCjmYJ5T4=
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8R4QNX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:18:40 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1008
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 16 Jun 2023 17:18:40 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.3.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@3.3.2
  • https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.iife.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e29a5aebbbc2d82b6f7d9dbbf03ced7ecaf592adf68338a02aff332b3e7bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
328166
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H2RMJY0R3RHJ9DJ5TSRCZ0FZ-yul
server
cloudflare
etag
W/"1b99-+0VwSXVmoLd0uGhBB2XoSfehK74"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7d841f754cc07157-YUL

Redirect headers

date
Fri, 16 Jun 2023 15:35:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H2GNKY6DBYC22ZHHAPT1G4JN-yul
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
595520
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.3.2/dist/web-vitals.iife.js
cache-control
public, max-age=31536000
cf-ray
7d841f744af47157-YUL
js
www.googletagmanager.com/gtag/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J39WVELZST&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8R4QNX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc2c55b55a74e83245a1938d2bcaba1e39d1932bc60ae4437fc526c832be93e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 15:35:28 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728460&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728460&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728460&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
H_pJIzQa3aBuGUGUU96-d8LcRwshcbhc0ZwK6hqyu7OjAvIWT76rDw==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 16 Jun 2023 15:35:28 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728460&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
content-length
0
x-amz-cf-id
oQHAHKDBT6PGbmuD9yPcGfOWfprlPB80RqHYlS04gkjAMyY-x7emgA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728461&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Onlin...
  • https://sb.scorecardresearch.com/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728461&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Onli...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728461&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
bsZlKMUuMl77ztC3tkaxJ65s8mVFZtPNgPGy6YvKF0q6KIrZaG1hTw==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 16 Jun 2023 15:35:28 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
location
/b2?c1=8&c2=21145335&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929728461&ns_c=UTF-8&c3=1111&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
content-length
0
x-amz-cf-id
MTRxasmWmd4AI1AD1t0ATnpVe6bhNPC6PSQcFEIbOdFr4nBIwcCvLw==
ab67656300005f1fbf1611db97bb37d0635a00b6
i.scdn.co/image/ Frame 2594 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.scdn.co/image/ab67656300005f1fbf1611db97bb37d0635a00b6
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.6245f081.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d770c5cd64d77cff0d3d7f5aad48fc3646442699b7e34b2a9ecfcc311e2777a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotifycdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:28 GMT
Age
802317
X-Cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
26484
X-Served-By
cache-chi-klot8100029-CHI, cache-iad-kcgs7200119-IAD
Last-Modified
Mon, 01 May 2023 20:31:51 GMT
ETag
"23421861365cb72fcba15e0f420150fc"
x-goog-generation
1682973111851253
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
x-goog-stored-content-length
26484
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
228, 1
bid
aax.amazon-adsystem.com/e/dtb/ 		219 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dicio.com.br%2F&pid=UuemWK9K7oDhG&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1442412085880-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22200x200%22%2C%22300x100%22%5D%2C%22sn%22%3A%22%2F1062898%2Fdicio.com.br_new_mrec_home%22%7D%2C%7B%22sd%22%3A%22div-gpt-sg-db99f5556f818f92da9e7fa6bdd218ed%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x400%22%2C%22160x600%22%2C%22300x250%22%2C%22120x600%22%2C%22250x250%22%2C%22200x200%22%2C%22300x100%22%5D%2C%22sn%22%3A%22%2F1062898%2FDICIO_BR_HOME_SIDEBARSTICKY%22%7D%5D&pubid=031d2526-e3d7-48d3-94fd-8cec14da13e5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e0353c2b3f83faf0c94c71e0f661c4664279e8a5f9e85bea648ea5ce11e9b5bb
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
PKQQDGZ63T06C48FW8TE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
219
x-amz-cf-id
ffqJTzf-SClq6UVy3T1YRY773s5wIGogfeiGL_MPoktw2LK1GW6kfQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:29 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:08:26 GMT
content-encoding
gzip
age
2449623
x-guploader-uploadid
ADPycdvGoOy3yWK5C0OWKcRlKdtXTJ3wnRLVApMLSd-H-74VVmJM8n0yOs4ROREHpjz1WXvVjVfTm0pL0I11GiwN3ozg5g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 18 May 2024 07:08:26 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:40:17 GMT
via
1.1 google
age
3312
x-guploader-uploadid
ADPycdufiT5zqmLOemM1PrNV9sBQG9UuCyrKWWzt-rDLkzqNpJsQGDY20Mw06dIpq1CYvaDJe8kDyIhars_2Ip56PzSa6rP9BAPF
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:40:17 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:06:27 GMT
content-encoding
gzip
via
1.1 74e6dd86eff86d5443ebe1a2ced7df88.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
37743
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LCJQpBpZp2WUC2T1p13zEAWqAH0_jfiNhMHixeQ_137_z9EGWXNBoQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
15350
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yul12834-YUL
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:a800:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
Date
Fri, 16 Jun 2023 09:16:59 GMT
Via
1.1 17eb4ce9c34597b3328325a19f8138fe.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
22711
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
KSdIPz7YPIBKC9MYzGVQlIOKN395IN2dTMk4DrLCkBnpcP_i-h4ltw==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 06 Jun 2023 14:15:50 GMT
server
cloudflare
x-amz-request-id
EA5FQDY7447XGPEC
age
2156
etag
W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d841f742f405a1c-IAD
x-amz-id-2
SgRCKy/ZPHXMAyoJmUtaybpcrrzv7CbXptDKPdvWKOt0SbDou6XhrdyCMQju1B8ai7vHnQ6SgvE=
/
o22381.ingest.sentry.io/api/1409086/envelope/ Frame 2594 		2 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.46.0
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
publisher:getClientId
ampcid.google.com/v1/ 		74 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-52.ewr53.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 08:46:27 GMT
via
1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront), 1.1 e832d261a0bb86f8ba09ea0550c8e77e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, EWR53-P1
age
24542
x-amzn-requestid
6e87dd74-99e0-4151-b668-e7389ab4915a
x-amzn-trace-id
Root=1-648c2163-3aa5c83255d1dd07647e1ad6;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
GmonkFV_DoEFkug=
content-length
30
x-amz-cf-id
vfSF7CKfkT-VqkH42Y3b_awl-Boims0hg96D2gy-8qA4Yi6RIkgjfw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-J39WVELZST&gtm=45je36e0&_p=1720505703&_gaz=1&cid=350313747.1686929729&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686929728&sct=1&seg=0&dl=https%3A%2F%2Fwww.dicio.com.br%2F&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J39WVELZST&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J39WVELZST&cid=350313747.1686929729&gtm=45je36e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J39WVELZST&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J39WVELZST&cid=350313747.1686929729&gtm=45je36e0&aip=1&z=982558097
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
apresolve.spotify.com/ Frame 2594 		273 B
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
827543244b3c29c06ad309db1cd4405278c0f602f117a343225f6a71704be797

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
154.e6c7e602.js
open.spotifycdn.com/cdn/build/embed/ Frame 2594 		228 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed/154.e6c7e602.js
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.40dfd0db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a869098bb600fb0bf884a15818b903616ab8909b146619ede15f1ada4022091

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
782598
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
51964
x-served-by
cache-chi-kigq8000106-CHI, cache-iad-kcgs7200087-IAD
last-modified
Wed, 07 Jun 2023 14:08:18 GMT
etag
"d1fe39250a0f6a50e83006f693472353"
x-goog-generation
1686146898124232
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
51964
accept-ranges
bytes
x-cache-hits
3, 3935
spotify_player_o.ab54b680.js
open.spotifycdn.com/cdn/build/embed/ Frame 2594 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://open.spotifycdn.com/cdn/build/embed/spotify_player_o.ab54b680.js
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/embed.40dfd0db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:79::763 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99e86f8a5468a2177eda1389bea947db15d41867475dd984c265d742d9f86d85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:28 GMT
content-encoding
gzip
age
782598
x-cache
HIT, HIT
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7435
x-served-by
cache-chi-klot8100078-CHI, cache-iad-kcgs7200087-IAD
last-modified
Wed, 07 Jun 2023 14:08:17 GMT
etag
"cdc15dd656652baef4bfb0a078e104e6"
x-goog-generation
1686146897796537
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-goog-stored-content-length
7435
accept-ranges
bytes
x-cache-hits
4, 7285
/
apresolve.spotify.com/ Frame 2594 		273 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
b2e573bbfe0e51467d82c3178fad113fe468f4d091aee145dcb6d0d5592609d8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://open.spotify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
ae0ab1ed04cd36e4768832511145738c21f5a196e86da76504c4c0ca7ecd6f63
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dicio.com.br
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 16 Jun 2023 15:35:29 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 2594 		13 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:35:29 GMT
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dicio.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.dicio.com.br
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 16 Jun 2023 15:35:29 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
625d1407de4d32e95b6977454f5b5957
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44b608a3fedc8cde99292456ab32680fa4cb92cd3a224a6be10701b11807f9c5

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
4c7a7e44a773706fef461c50a4149324
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dicio.com.br%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dicio.com.br%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.dicio.com.br%2F&rid=esp&cc=1
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4ed5154c4a1909e3592c4db1a3b22a56742cbfc4e0dd96173c53be8af6dedcad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-vghtu3fkjoq0ggn31NhHBT4OsUg"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dicio.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 16 Jun 2023 15:35:29 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.dicio.com.br
location
/esp?url=https%3A%2F%2Fwww.dicio.com.br%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame B78A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:29 GMT
server
Kestrel
server-processing-duration-in-ticks
390047
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dicio.com.br
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dicio.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		235 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.219.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-219-236.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c10c4c2c43cf6d64b1c1a3550568fc8f84b96e93c2248766c99a84e6e35c8c2e

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache
x-server
10.40.37.187
access-control-allow-credentials
true
content-length
235
expires
0
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1720505703&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACAAI~&jid=960156528&gjid=1207158114&cid=350313747.1686929729&tid=UA-10605777-8&_gid=1136156445.1686929730&_r=1&_slc=1&gtm=45He36e0n81N8R4QNX&z=165038890
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1720505703&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20VitalsWeb%20Vitals&ea=FCP&el=v3-1686929729169-3253254098578&ev=485&_u=aADAAEABAAQCACAAI~&jid=23486379&gjid=752587759&cid=350313747.1686929729&tid=UA-10605777-8&_gid=1136156445.1686929730&_r=1&gtm=45He36e0n81N8R4QNX&z=118406137
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame D54F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
389 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ca5d39319f05ce929e87ba2fd8aac7faec05849c8171db0ee63a3d2472c29c59
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
389
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Jun 2023 15:35:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
023X60EMF3V5DYZYXZ5H

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:35:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9Y0W7G3X2PKYN3ZBEH5W
1239.json
id5-sync.com/g/v2/ 		601 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1239.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
12c393f61063b6abe6b6484d486cc196bb498b8e12098a164cf61e00ac15ed9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1529839571453054&correlator=3450372227622943&eid=31075065%2C31075350%2C31075354&output=ldjh&gdfp_req=1&vrg=202306080201&ptt=17&impl=fif&iu_parts=1062898%2CDICIO_BR_HOME_SIDEBARSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C240x400%7C160x600%7C300x250%7C120x600%7C250x250%7C200x200%7C300x100&ifi=1&adks=1336132335&didk=695482775&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1686929729662&lmt=1686929729&dlt=1686929727849&idt=735&adxs=978&adys=2098&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.dicio.com.br%2F&frm=20&vis=1&psz=323x3079&msz=313x100&fws=512&ohw=0&ga_vid=350313747.1686929729&ga_sid=1686929730&ga_hid=1720505703&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhsnjpowxSABSAghkEhkKCnB1YmNpZC5vcmcYqc3jpowxSABSAghqEhcKCHJ0YmhvdXNlGIbJ46aMMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiFyeOmjDFIAFICCGQSFAoFb3BlbngYhsnjpowxSABSAghkEhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiGyeOmjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd18f6a968e106222467c5ce8a55a90e65117648fad19526ee425c4fc2922284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11973
x-xss-protection
0
google-lineitem-id
5179162798
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425100986
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 14D6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:29 GMT
expires
Sat, 15 Jun 2024 15:35:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1529839571453054&correlator=3450372227622943&eid=31075065%2C31075350%2C31075354&output=ldjh&gdfp_req=1&vrg=202306080201&ptt=17&impl=fif&iu_parts=1062898%2Cdicio.com.br_new_mrec_home&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250%7C200x200%7C300x100&ifi=2&adks=3744028455&didk=4012149299&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1686929729699&lmt=1686929729&dlt=1686929727849&idt=735&adxs=978&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.dicio.com.br%2F&frm=20&vis=1&psz=300x260&msz=300x100&fws=512&ohw=0&ga_vid=350313747.1686929729&ga_sid=1686929730&ga_hid=1720505703&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhsnjpowxSABSAghkEhkKCnB1YmNpZC5vcmcYqc3jpowxSABSAghqEhcKCHJ0YmhvdXNlGIbJ46aMMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiFyeOmjDFIAFICCGQSFAoFb3BlbngYhsnjpowxSABSAghkEhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiGyeOmjDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfa542fd62f82fe2f7a601467dffb197b9aa017c6f028bb677311f7f9ea343e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
225979
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14499
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
352760
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame B78A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=dicio.com.br&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kNYgE3xaaUlPRDhJSGlmcVpHUU1RTWRxTFg1R1FuTXpyMkVLTlNEVUdiQThaY0hIMXl3aHdObHFXa3NxWlg4UmQyQk1ZTFZMY3g3YkFsUzEvRjh4SjdXYVZmUG15d216V0dvNC96QWprQXQzWnBpMVR0NXA5VDhWeEpmcm...
441 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kNYgE3xaaUlPRDhJSGlmcVpHUU1RTWRxTFg1R1FuTXpyMkVLTlNEVUdiQThaY0hIMXl3aHdObHFXa3NxWlg4UmQyQk1ZTFZMY3g3YkFsUzEvRjh4SjdXYVZmUG15d216V0dvNC96QWprQXQzWnBpMVR0NXA5VDhWeEpmcm56MU1aeFVLb3RMOEo1V0J6MHBONnE1RnZvbzdmWElNUzl5aDNoNUE5T0tncmtJNUgza2pQWkR3cGFwcVJRcGJ5ckEvWndSTkhSenkxVXduV3RQaTlEZ0Z4OHMxcVB2QWxFZTR2YjdVTEFvNW9OV3Juekh1c2ZnanRJTmRwTDVTK3dBTjJJeEU2clVrcWplY2llMFk0QmNTYXZkemxmUT09fA&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a8effdd3d5ab5204abc2fee8c8912f6d21b46d4d2665dffe253aacc6cf260d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1233315
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kNYgE3xaaUlPRDhJSGlmcVpHUU1RTWRxTFg1R1FuTXpyMkVLTlNEVUdiQThaY0hIMXl3aHdObHFXa3NxWlg4UmQyQk1ZTFZMY3g3YkFsUzEvRjh4SjdXYVZmUG15d216V0dvNC96QWprQXQzWnBpMVR0NXA5VDhWeEpmcm56MU1aeFVLb3RMOEo1V0J6MHBONnE1RnZvbzdmWElNUzl5aDNoNUE5T0tncmtJNUgza2pQWkR3cGFwcVJRcGJ5ckEvWndSTkhSenkxVXduV3RQaTlEZ0Z4OHMxcVB2QWxFZTR2YjdVTEFvNW9OV3Juekh1c2ZnanRJTmRwTDVTK3dBTjJJeEU2clVrcWplY2llMFk0QmNTYXZkemxmUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
403113
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-10605777-8&cid=350313747.1686929729&jid=960156528&gjid=1207158114&_gid=1136156445.1686929730&_u=aADAAEAAAAQCACAAI~&z=237992162
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-10605777-8&cid=350313747.1686929729&jid=23486379&gjid=752587759&_gid=1136156445.1686929730&_u=aADAAEABAAQCACAAI~&z=55976030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 2594 		13 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:35:29 GMT
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 16 Jun 2023 15:35:29 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
pd
google-bidout-d.openx.net/w/1.0/ Frame 7071 		594 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ce9ea9d1fb487c960a1ea5a9d8af91eacf7e1ca61ac48538739cfb4052b3a5ec

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
384
content-type
text/html
date
Fri, 16 Jun 2023 15:35:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-10605777-8&cid=350313747.1686929729&jid=960156528&_u=aADAAEAAAAQCACAAI~&z=1513396007
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-10605777-8&cid=350313747.1686929729&jid=960156528&_u=aADAAEAAAAQCACAAI~&z=1513396007
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-10605777-8&cid=350313747.1686929729&jid=23486379&_u=aADAAEABAAQCACAAI~&z=186609993
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-10605777-8&cid=350313747.1686929729&jid=23486379&_u=aADAAEABAAQCACAAI~&z=186609993
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
371d33a4-b61e-eaaa-f384-94f2a41bdbce
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7071 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/371d33a4-b61e-eaaa-f384-94f2a41bdbce?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 7071 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fb0c299d-3a18-c319-025d-0090337fdd67
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YA0K2MQ6KHMN4P58XF2G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7071
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0&gdpr_consent=
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=a3da55e0-26b2-78e3-c253-82075b4c1687&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 7071
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7071
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 093D 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4cf0b2d6739897c8b9d6b379439e4824a9753991331275f401f6fb28540f2756
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3545
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Jun 2023 15:35:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
MDBK4C32R7KG2WBSEA5C
ecm3
s.amazon-adsystem.com/ Frame 093D
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9F205E48DAMCAATXSN80
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 093D
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=81322635-d407-41c6-90b3-06c576eb4a0a
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=81322635-d407-41c6-90b3-06c576eb4a0a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E5A0GAAWHCWSZ3CC5MEX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=81322635-d407-41c6-90b3-06c576eb4a0a
access-control-allow-origin
*
date
Fri, 16 Jun 2023 15:35:30 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame 093D
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3299313301455264000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3299313301455264000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ER876JZS3TARZ3SR7S0E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3299313301455264000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 16 Jun 2023 15:35:30 GMT
ecm3
s.amazon-adsystem.com/ Frame 093D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AADU507JGQMAACEM6-pGFA&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AADU507JGQMAACEM6-pGFA&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TB9MN37FZZR9VRTNZ1W6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AADU507JGQMAACEM6-pGFA&ex=beeswax.com
Date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 093D 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 093D
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=B1419C921A984094910AFB59BC53B6E3&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=B1419C921A984094910AFB59BC53B6E3&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
936HG6T0XEJS16EWMB3K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=B1419C921A984094910AFB59BC53B6E3&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:30 GMT
ecm3
s.amazon-adsystem.com/ Frame 093D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NlEeHRMbmPui4ApJw2rW
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NlEeHRMbmPui4ApJw2rW
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M2EP7FKZ415RCBTZ41BG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NlEeHRMbmPui4ApJw2rW
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame C3D2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.160.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-160-148.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d233f0a09dbbe7abefa79422fe9fdf1826d814cc2b7ee11273f0001f4af35de2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 16 Jun 2023 15:35:30 GMT
etag
W/"0a2ddb9f895bf8cc8dd68e2978c3462a9"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame A332
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4efc4ef0221748b56db7e0245dbd3b0064924e4bbc79f7e9d4964485031793ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1781
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame BF48 		715 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d9526c991e03a61f44638c5139b5f4cacdd46c051850ff11e275c6a7643df554

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
450
content-type
text/html
date
Fri, 16 Jun 2023 15:35:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 977C
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=9195223259748919252&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=9195223259748919252&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4GS3N60W5KQFSV448WG4

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=9195223259748919252&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 9D27
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=c004ea6955b1492&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMtwV-0PnmdgN1RnBYAAAAAAA&expiration=1687016130&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMtwV-0PnmdgN1RnBYAAAAAAA&expiration=1687016130&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QVGE5TNEQA7CRBN0ZGXX

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 16 Jun 2023 15:35:30 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAMtwV-0PnmdgN1RnBYAAAAAAA&expiration=1687016130&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B329 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59876
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:30 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4C2B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:30 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 9907
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1IZFZhdlUxRTJ1Si5SUDA3bTc0UW9BM1BLQmh1OVlzQn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1IZFZhdlUxRTJ1Si5SUDA3bTc0UW9BM1BLQmh1OVlzQn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
50MVDQAHZFQQXH9CEGGR

Redirect headers

age
0
content-length
0
date
Fri, 16 Jun 2023 15:35:30 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1IZFZhdlUxRTJ1Si5SUDA3bTc0UW9BM1BLQmh1OVlzQn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
amazon
ce.lijit.com/beacon/ Frame 64A4
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-Azerion_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
90eb0b097b35755783ab1bbb39b4209b796b29da40d148443875470fc482e20e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
505
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
ecm3
s.amazon-adsystem.com/ Frame BF48 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=fb0c299d-3a18-c319-025d-0090337fdd67
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EYC45EDRKZE3DE4NG5S4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame BF48 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8d1ed669-fed8-42aa-9174-430dccefe2ee
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame BF48
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=f61c2a86-ebf5-4e83-9d2a-02f462d7775f
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZjYxYzJhODYtZWJmNS00ZTgzLTlkMmEtMDJmNDYyZDc3NzVmEAAaDQjCgrKkBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0ee81d56f367cf144766ebb45bc8b0f307fa61dc59f689f980bf223a4f104a03791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwZWU4MWQ1NmYzNjdjZjE0NDc2NmViYjQ1YmM4YjBmMzA3ZmE2MWRjNTlmNjg5Zjk4MGJmMjIzYTRmMTA0YTAzNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwZWU4MWQ1NmYzNjdjZjE0NDc2NmViYjQ1YmM4YjBmMzA3ZmE2MWRjNTlmNjg5Zjk4MGJmMjIzYTRmMTA0YTAzNzkxNDI2YjU0MTdkY2UyMRAAGgwIwoKypAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=a307ce15-de30-4cfd-b22e-2084afc93b74
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=a307ce15-de30-4cfd-b22e-2084afc93b74
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=a307ce15-de30-4cfd-b22e-2084afc93b74
date
Fri, 16 Jun 2023 15:35:31 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame BF48
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7868782405983581932
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7868782405983581932
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
061e44f5-e4cb-4b87-8722-5e82dbdcbfec
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7868782405983581932
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BF48
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame BF48
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZIyBQgAAPUaJFQAz
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIyBQgAAPUaJFQAz&_test=ZIyBQgAAPUaJFQAz
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIyBQgAAPUaJFQAz&_test=ZIyBQgAAPUaJFQAz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686929730.287105,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIyBQgAAPUaJFQAz&_test=ZIyBQgAAPUaJFQAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 4C2B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74400
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7868782405983581932
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7868782405983581932
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ab71ee88-8e00-438e-88b9-affee2a93621
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=7868782405983581932
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&gdpr=&gdpr_consent=&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=gumgum2&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=gumgum2&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=316e038e-a60e-4413-b36d-47b1f4d6b6ff&expires=3&user_group=1&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-4263f094-4c93-5e85-50c1-1c0d9b792ac7$ip$149.56.153.184
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-4263f094-4c93-5e85-50c1-1c0d9b792ac7$ip$149.56.153.184
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-4263f094-4c93-5e85-50c1-1c0d9b792ac7$ip$149.56.153.184
Date
Fri, 16 Jun 2023 15:35:30 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVHGYRLFJBJE2YTNKB2WSNCBOBFHOMTSK4
  • https://usersync.gumgum.com/usersync?b=zem&i=NlEeHRMbmPui4ApJw2rW
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=NlEeHRMbmPui4ApJw2rW
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=NlEeHRMbmPui4ApJw2rW
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=4PN9fuFh8ZXL&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=4PN9fuFh8ZXL&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=4PN9fuFh8ZXL&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-rm9dk
expires
-1
c.gif
c.bing.com/ Frame C3D2
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28blAiVZONxHH5Sdl-zjM0iXyPTVT4NLqj_jE-Y44COfmodDDa8MROngo6TSKbDb_s%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&obuid=ENC(blAiVZONxHH5Sdl-zjM0iXyPTVT4NLqj_jE-Y44COfmodDDa8MROngo6TSKbDb_s)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
42 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
last-modified
Tue, 06 Jun 2023 17:34:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4D2D57D5EBA8421D9F884A8C5FD8469B Ref B: YMQ01EDGE0620 Ref C: 2023-06-16T15:35:30Z
etag
"4729cb259d98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

Location
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Date
Fri, 16 Jun 2023 15:35:30 GMT
X-TraceId
26457efbfd4cf0940eb51c0184f7b381
Content-Length
0
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=54e7f190-0ea7-40b5-a528-92ea931c17c1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=54e7f190-0ea7-40b5-a528-92ea931c17c1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=54e7f190-0ea7-40b5-a528-92ea931c17c1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-kR2KmEBE2pdBYiJJXxKygUZ5FjRL0a48XKnZ~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-kR2KmEBE2pdBYiJJXxKygUZ5FjRL0a48XKnZ~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-kR2KmEBE2pdBYiJJXxKygUZ5FjRL0a48XKnZ~A
content-length
0
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=05397481-14be-41e5-b894-0f13dbdb9e9d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=05397481-14be-41e5-b894-0f13dbdb9e9d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=05397481-14be-41e5-b894-0f13dbdb9e9d
Date
Fri, 16 Jun 2023 15:35:30 GMT
Connection
keep-alive
X-CI-RTID
ba7b422a-17c8-4058-af56-d138a73ea88a
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:30 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
418723667
location
https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame C3D2 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:30 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=81322635-d407-41c6-90b3-06c576eb4a0a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=81322635-d407-41c6-90b3-06c576eb4a0a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=81322635-d407-41c6-90b3-06c576eb4a0a
access-control-allow-origin
*
date
Fri, 16 Jun 2023 15:35:30 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C3D2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=9195223259748919252
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=9195223259748919252
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=9195223259748919252
date
Fri, 16 Jun 2023 15:35:29 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C3D2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_010554f4-f22b-48bb-aa7d-dd1df78f257a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JF3NHP5Z0DD20RVPRCR1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user-sync
sync.adkernel.com/ Frame 5376 		22 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
22
Date
Fri, 16 Jun 2023 15:35:30 GMT
Pragma
no-cache
Server
nginx
e9d4ff858b5e32317e843f5ed11b2659.gif
cs.iqzone.com/ Frame C149 		9 B
175 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 16 Jun 2023 15:35:36 GMT
Server
nginx
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F28D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59876
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:30 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 4654
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Fri, 16 Jun 2023 15:35:30 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 49FB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Fri, 16 Jun 2023 15:35:29 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x29 config_version:"1969"
location
https://usersync.gumgum.com/usersync?b=mmh&i=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame F858
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZIyBQgAAPUaJFQAz&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZIyBQgAAPUaJFQAz&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 16 Jun 2023 15:35:30 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZIyBQgAAPUaJFQAz&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1686929730.319404,VS0,VE0
khaos.jpg
token.rubiconproject.com/ Frame 4C2B 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame B329 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32809535&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4808c9e1b2c270f6a16ad1effa1f0637d434919395715553b74d68081444eff6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:30 GMT
content-length
1573
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D773 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wMTA1NTRmNC1mMjJiLTQ4YmItYWE3ZC1kZDFkZjc4ZjI1N2E=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 573E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZIyBQsCo8YQAAMZzhOkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZIyBQsCo8YQAAMZzhOkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:31 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:35:30 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZIyBQsCo8YQAAMZzhOkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad58.dc4p.scaleout.jp
X-SO-IP
149.56.153.184
X-SO-Key
ZIyBQsCo8YQAAMZzhOkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.184","key":"ZIyBQsCo8YQAAMZzhOkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad58"}
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad58
usersync
usersync.gumgum.com/ Frame 6DB3
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=e9cd9076-54b0-4888-91dc-53262d48b930
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=e9cd9076-54b0-4888-91dc-53262d48b930
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=e9cd9076-54b0-4888-91dc-53262d48b930
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 3A7C 		43 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 8975
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=X6eQx8cX9MYIG3v0sS6B&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=X6eQx8cX9MYIG3v0sS6B&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 16 Jun 2023 15:35:30 GMT Fri, 16 Jun 2023 15:35:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=X6eQx8cX9MYIG3v0sS6B&pi=gumgum&tc=1
pragma
no-cache
usermatchredir
ssum-sec.casalemedia.com/ Frame A332
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A332 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S0FCV9JCC6D9WGYPBTB5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A332
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZIyBQpGLLvl3l6QCbO.IfgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A332
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&expiration=1689521730&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&expiration=1689521730&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&expiration=1689521730&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
demconf.jpg
dpm.demdex.net/ Frame A332
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
54.85.104.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-104-179.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v048-07a3c5551.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fC9KGfokSm0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v048-0faa943a6.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+ve2Zq0dS6o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame A332
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7868782405983581932
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7868782405983581932
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e0a5bbd5-ac2a-4bf4-b28f-d427d427d15f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7868782405983581932
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A332
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7868782405983581932
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7868782405983581932
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b9364714-6670-48bd-8c2f-03408e8b4ed2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7868782405983581932
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A332
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=QmPwlEyTXoVQwRwNm3kqx5U4mbg
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=QmPwlEyTXoVQwRwNm3kqx5U4mbg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=QmPwlEyTXoVQwRwNm3kqx5U4mbg
Date
Fri, 16 Jun 2023 15:35:30 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame A332 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DB44DS9Z75RW3GXDPPZN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B3F8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:30 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Jun 2023 15:35:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 64A4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=G03niPZH5lRXKpa0QfmyLxxR&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y515CVTJXVTE28EP5ZG7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 64A4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=6c8b0ba5-a158-47ce-9300-413aabcb94d3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=6c8b0ba5-a158-47ce-9300-413aabcb94d3
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=6c8b0ba5-a158-47ce-9300-413aabcb94d3
date
Fri, 16 Jun 2023 15:35:30 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 64A4
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 64A4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
merge
ce.lijit.com/ Frame 64A4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=4PN9fuFh8ZXL&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=4PN9fuFh8ZXL&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=4PN9fuFh8ZXL&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-rm9dk
expires
-1
merge
ce.lijit.com/ Frame 64A4
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1686929730433&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=B1419C921A984094910AFB59BC53B6E3
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4328 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwDMjC3ShYWoEOsKn3CN8iaa-wt0mZFqCMjtKzYRLse2XKEYBM9szXGH4vSOKR9vxTPyjTcdec24K-c_hk-tW7ceveIO9qLXueeM_0k0nCaDuPPd4rhXhk0QJ69_cDClmlKJvEyXCjo1_ZS0rzJdE65T54TFPXsPu1Z0aFeqHKd6Wl-WDe4eXVJ7QdNq4iuvdlNU4M911vFF4dfC4mcbp-UBcYvhxKK3rW3F5rwRZMJtwNUyAGUvCgdiBGavzKrqWI0GOq_fR2kPJ6OKicNYa2GwAQCPszmeUCNc_oQ9Xi78ViAOYE50nlj0XASaNGe08XmHS8muv10hPx_MojYY1jrj2d&sai=AMfl-YS0jp84XwgphTjLEaURGzuZNhr58591FZrJgprM1-oUwtSu9g4ebiIud23tTdTrWLNPhGXjLjoj-sSxCYRfAnQMW92iQn31jsuVdInCSpNh_1kg3d-wGUvCWCMHYliKATCFiiwoCQ6mB_tfAj0&sig=Cg0ArKJSzOSTaIUyNtk_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
nucleads.com/ Frame 4328 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2cf823ebd1e2d7b0649b99673b599eda7de0e6f83e2ef0d09531576709b0ec8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
R1D2s3Kk5zdoPZnfOnKtnRrfDKgJdfzA
content-encoding
gzip
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
date
Thu, 15 Jun 2023 22:34:11 GMT
last-modified
Mon, 29 May 2023 16:40:15 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
61280
x-amz-server-side-encryption
AES256
etag
W/"79d67edd63b460a375a4fe1a6b64d45f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9azUKCmuO9_PBWbsAiJs6HZEqiINtjoTw0_5KRN50g9xA17FejoVow==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4328 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:30 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1720505703&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sg_GPT&ea=SlotRenderEnded&el=%2F1062898%2FDICIO_BR_HOME_SIDEBARSTICKY&ev=0&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=350313747.1686929729&tid=UA-10605777-8&_gid=1136156445.1686929730&gtm=45He36e0n81N8R4QNX&z=2037210508
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 08:55:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24014
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4C2B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LIYQEMLE-B-GF3X
  • https://s.amazon-adsystem.com/ecm3?id=LIYQEMLE-B-GF3X&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LIYQEMLE-B-GF3X&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PKPXTQ77Y8ANAQSBHJNW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LIYQEMLE-B-GF3X&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 0F5E 		85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 16 Jun 2023 15:35:30 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1686929731.783763,VS0,VE14
ecm3
s.amazon-adsystem.com/ Frame 4823 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:30 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RWHJMXKYYMYQDEQX5DXN
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B329
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mspQ6XqmSeKtH-KQ777iRg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=59876
accept-ranges
bytes
content-length
5554
expires
Sat, 17 Jun 2023 08:13:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame B329
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttd_puid=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame B329
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 16 Jun 2023 15:35:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame B329
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1ac4af0b-7258-49ea-8eb2-143131247f20
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1ac4af0b-7258-49ea-8eb2-143131247f20
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
3.233.21.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-21-199.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 16 Jun 2023 15:35:31 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1ac4af0b-7258-49ea-8eb2-143131247f20
date
Fri, 16 Jun 2023 15:35:30 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame B329
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFDQTUwRTktN0FBNi00OUUyLUFEMUYtRTI5MEVGQkVFMjQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B329
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
42 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B329
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B329
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
1 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 13:54:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2359921639606788299&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame B329
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:56:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
usync.js
eus.rubiconproject.com/ Frame B3F8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74400
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
g7ik9tk2o8zw7bzdiztu.json
nucleads.com/c/ Frame 4328 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/c/g7ik9tk2o8zw7bzdiztu.json?cb=1686929730803
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84db7fee2f0e3d6810750a40bb1283fcbe597fc2f9581dedbcbfdd519c6e5dea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 22:06:49 GMT
x-amz-version-id
NQsah4Z0_k3dLe3rxVUH32uY6E.MAj3q
via
1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 18:49:22 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
62922
etag
"2fc5151ff936e42c791a951a10d073e5"
x-cache
Hit from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
content-length
1804
x-amz-cf-id
Se1PubjxLhSE7gjEdF2IhkRoxRK9UEbcTBffebI8-ut7alwN0WBLLA==
truncated
/ Frame 4328 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42a3c0a8083cfb6568899ca2b8082f6ffbed75b5d0ce4d3599450a0bf04dbe52

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4328 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx1L323AdB60p8-l5SJGGMrkUz0kR9z3pYmOtrMa3T5UPufZRGPietr7AL1AZnZ26lU4IQbpGPxsYefQqrP4-Il5FjY3g9H-_sL__wKlpIG-gnCPxlgaF3-_zZCL7lwYnz2vc9UxTlYQl_AoJzVzzIeF4nOqiz5fAJ0jx2pzVu7U0vpqAuZU-s9iKzK5vKU-FfOKnmSl-6LWZ98kKIzL-h40d9EADQUjES0ELOUFEg80psXA9qogWGqBAPXjMTleSmx9CWdyiIyie__a4-p8328RqbbtkPkoLakC_rYiTuxwWy1RrxoGGMjhjwXdiOmb7JwQ0Vy-QEn2uvIj6rXj73HU2gxsQ&sai=AMfl-YQ__PMVc03mWfmSYSmHqD0_VCKDyOSU2dIJBhKfbAjwEOzZWPpWaeo_ve8cUCiHNcMkEdOsr_kFAQDe5eRSxmMdTgaNBFNiwACaMtWLDwGouc-Y-3C76yBAqedmC5OMbmaLVLqmEehn4oLyXP0&sig=Cg0ArKJSzHyrS6J244mwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:30 GMT
pixel
cm.g.doubleclick.net/ Frame 4C2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElZUUVNTEUtQi1HRjNY
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJZpSRkvxLKz56IJVIHo-jo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUUVNTEUtQi1HRjNY&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUUVNTEUtQi1HRjNY&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElZUUVNTEUtQi1HRjNY&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 4C2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/U2ryNiTWCyl12RpjqSBVzQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Zq2U9BxE2oKlU_XBTLQLhBlL9gdgfubIJYYzPw--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Zq2U9BxE2oKlU_XBTLQLhBlL9gdgfubIJYYzPw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Zq2U9BxE2oKlU_XBTLQLhBlL9gdgfubIJYYzPw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4C2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4C2B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4C2B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gbjjs4FZRNm8c6YEz7hC0Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gbjjs4FZRNm8c6YEz7hC0Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gbjjs4FZRNm8c6YEz7hC0Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KPZ1SR8PRVNRM9V7F59Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gbjjs4FZRNm8c6YEz7hC0Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4C2B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4C2B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7PP3Y086JEE3MZTS8FMG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 4C2B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYQEMLE-B-GF3X
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYQEMLE-B-GF3X
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: DB62911D3D6E46508213985E2CAC99B4 Ref B: YMQ01EDGE0817 Ref C: 2023-06-16T15:35:31Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+QO9lD1B3bzjLGFHYcw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIYQEMLE-B-GF3X
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame B3F8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LIYQEMLE-B-GF3X
  • https://usersync.gumgum.com/usersync?b=mag&i=LIYQEMLE-B-GF3X
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LIYQEMLE-B-GF3X
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LIYQEMLE-B-GF3X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 360E 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfdba3d49288337df32d4b1df551b114ead317b6db6659f6bf71be63f0671292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26090
x-xss-protection
0
server
cafe
etag
173 / 19524 / 31075332 / config-hash: 10714554489475813448
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:31 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 360E 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz3Q1IY2kayhjHBp3OZdWl4uZFwebwuZ9vyyFg3wpXuLTdNx7MOI8nmcwwEXAnOfMSCrn0aXXQqYCPAjYysvK6ufWm%2BpH4rB18z720WUYsiCyQeKX9gAcGQc5H3hRCQh%2BvLAk%2F4atRlog3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f846cd15a10-IAD
p.html
nucleads.com/r/ Frame BEF7 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=fefxqlcl&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
IWwfIcpSqNE_iY3ozTDgQCabVQks4-lCSvMZ2MfShZ7FuJEgLVmgXA==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
nucleads.com/r/ Frame 2E16 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=xwjvohytl&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
joDqj1mBWIwZNJ5DGxKzt6p-m08aG-OPhh2VLTLN9ibDGesKAp5ahA==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
nucleads.com/r/ Frame B60A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=njertjyc&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
tRWl5-LTXWN9N2xADm2RC1bwc0QtokMHVyW9LTWmuxPLHw-LGE2RKw==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
nucleads.com/r/ Frame 1715 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=huvvvpw&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
I884hZo4ZPev0eetQNZ-i2UMuwjAu8exGP64d0UNVFtYKEn_zT5Suw==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
nucleads.com/r/ Frame 09E9 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=vrdczbx&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
163zuSfSaN7hZmKFeaKOcFzMpNbBnw5jSFNeQOIsHz8X0RfSO-vWSg==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
nucleads.com/r/ Frame 8904 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=ooglvk&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
i6sVOnW1Yg7jMZniQw0hsu3WmzSoYE-GUBEh3ID2SaRFOct-JVkRVg==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
nucleads.com/r/ Frame E455 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nucleads.com/r/p.html?f=fwoxwsyl&e=1992969008185
Requested by
Host: nucleads.com
URL: https://nucleads.com/t.js?i=g7ik9tk2o8zw7bzdiztu&cb=4712661686929730609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-87.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
9805
content-encoding
br
content-type
text/html
date
Fri, 16 Jun 2023 13:28:56 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
x-amz-cf-id
Ouffl4R2rRjigAf7Vm_LtX0L-DQeshx13SJNJGI2ca_0JvzqQpVvaA==
x-amz-cf-pop
EWR50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/ Frame 360E 		407 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9949ec515d627da556e6c4d4c909127a533a5622028fc81e9eeb9f00870e560f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:37:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
71854
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128446
x-xss-protection
0
server
cafe
etag
17347100504976350628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 19:37:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 360E 		2 KB
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dicio.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ce5e30dad56d17a991fd56a91b53565a55497afee5597db8f7594631a483171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
598
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:31 GMT
container.html
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EEF5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:29 GMT
expires
Sat, 15 Jun 2024 15:35:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1720505703&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sg_GPT&ea=SlotRenderEnded&el=%2F1062898%2Fdicio.com.br_new_mrec_home&ev=0&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=350313747.1686929729&tid=UA-10605777-8&_gid=1136156445.1686929730&gtm=45He36e0n81N8R4QNX&z=1869417377
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 08:55:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebid7.19.0.js
hb.adpone.com/ Frame BEF7 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=fefxqlcl&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbmN1BNAoP45i3%2Fkee9WPIqQ%2Fb%2BqzfBPk%2FeUoeWmwrejNFt2Ka1HsE2tAmPhiVERB1R5lNpMDk0TGaWgPmRD1R3Y2t0YjD%2B0eK2BlrLl4LGU%2FdkkXXMlgJ%2FrtENe7RrZNaquTDlFS%2FPtGC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f860e0e5a10-IAD
prebid7.19.0.js
hb.adpone.com/ Frame 2E16 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=xwjvohytl&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0zA4CnSTaf5dn3qqVWhlKpV%2B6U0moEmYgk5PpJb7z48ez0d6vrd4f%2FztiUpOvKSQ3cMng5pROnuA%2Bf9mvPDm4MgHgXf3rsWHE64p79fniTOf7Ff8n72AzBDDvMrzvDqJpMcO%2F0dD42y5Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f861e275a10-IAD
prebid7.19.0.js
hb.adpone.com/ Frame B60A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=njertjyc&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OixoykoJU5qL3dvW9oQz%2FDQR1iYy9t2YMGGEHOvSMfz%2Bdyr01Jh0sSWGPtTB33xUbeoMBdL%2FcgGeCMXkOlxmr0FZb0g%2BooBPRRYmkx2J3vl9A6VSsbIF2RXRKGo0vTB7l8xDB7fhqkbyoG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f867e765a10-IAD
prebid7.19.0.js
hb.adpone.com/ Frame 1715 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=huvvvpw&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvhkN6kPvovlYh9YC3YrdVMaPVpe1ZmN915wNiD2inKJk5Hq0Yn7g%2BKVS%2BIU0uAqAYQW%2FQKOs%2FIq8%2BXnS2UowohisMGHomsKWJrmX0bkiqVQ4AGxDwJZvrCX9IJanwfjC7cZbumOUN5fzp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f867e7b5a10-IAD
prebid7.19.0.js
hb.adpone.com/ Frame 09E9 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=vrdczbx&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGtyrzqAxYezR9uOar3uUKbxOXNT6UW%2B%2BAKZ5wX9tYEMSAqX0PEeu2OrFPAiLn6WNGcBozPi1Eh3%2FW71T7IRgChOlBhe%2FJbo%2FlgqbDZ6aCvnYcPQdRg2kmdi4PlvWTcx11oSRrG3AMFNVi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f869e9d5a10-IAD
prebid7.19.0.js
hb.adpone.com/ Frame 8904 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=ooglvk&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2tPMERbGKdqvNT75ZGVdbj6XyZ25fTXDE4tLT1XxSt9VueNDaykJT%2B0pdsbA1H%2BqoV32ek4tzvZgVQzlFnCIo0rccxbiRG%2FXkIqde80z%2B1ze3ebWjfguTHLVM7U2YvAmPnoh269ho0mcsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f86ded45a10-IAD
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 360E 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=%2F21671350435%2C1062898%2F300x250-dicio.com.br&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2abf6d43-c448-41c7-b33a-71adbe9a3768&l_pb_bid_id=2912f7dfa064c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21671350435%2C1062898%2F300x250-dicio.com.br&slots=1&rand=0.23826625581219396
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c249e9c1c832eb9b8081ae90a8046b6f3d36bdfa4efc5c6574524a1e54fd43fb

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.dicio.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
shb.richaudience.com/hb/ Frame 360E 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 360E 		94 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
34fe9a3f8003927013ef8fc5b1581ea0cff13ec75f2e43df7cac28e00c86acfb

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dicio.com.br
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame 360E 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
850950ee9179c879ce265ec83fa30a49940122b1211ec2ecec59dc30370d6060

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 360E 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dicio.com.br
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 360E 		37 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211e31622a947228%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F21671350435%2C1062898%2F300x250-dicio.com.br%22%2C%22adunitcode%22%3A%22%2F21671350435%2C1062898%2F300x250-dicio.com.br%22%2C%22divId%22%3A%22div-gpt-ad-359122865531-0%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212956fa1f777bbf%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F21671350435%2C1062898%2F300x250-dicio.com.br%22%2C%22gpid%22%3A%22%2F21671350435%2C1062898%2F300x250-dicio.com.br%22%2C%22tid%22%3A%222abf6d43-c448-41c7-b33a-71adbe9a3768%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22ba7d51ed-f91a-493e-b18f-087b98baa87b%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
518d27ea6cc928cc83a362b7a686421e9629af65010658f13a5c2b3e8e312e34

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx6TYGv%2BHKO39qB%2BYDNpL4Psueeo0UN0Hy%2BqoObf9OVe9SWasjZIckWPb2xxgZm6AOmECkEL1IA4DPHpG9TWDoARpoyu9%2BfCNBDc4Cvbf8njzMDJisMN2s%2FRT0gfSSXXWd23mZ4x"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f877e9d5b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ Frame 360E 		854 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
d6bdee5d7558476a315d12e3b95b8fbf93ddfaf099f2125f9cb81bfa5b223bd4

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 360E 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dicio.com.br
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 360E 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50517656828&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dicio.com.br
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid7.19.0.js
hb.adpone.com/ Frame E455 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=fwoxwsyl&e=1992969008185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z3C86CR41RVZT090
age
791
x-amz-server-side-encryption
AES256
x-amz-id-2
/OvNezHImmLyNz4b0LsddwSgGoFCMEDnhRAB6QWLUnFMnEJH9SV7PrnMlwDjCTwQvRFlkDUXEig=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uECMIOX7FICQQypbKmN1%2BfmnlHlrM3Ox0wYlGN%2F7Wg%2FHCuNr4JIPS9%2BM%2BXCo0%2FednH12bRHGAWDJAbeZSk7qvZ%2B84g793Q5yKhI6m4k5oXJaUoNsY5n5L2drw%2BzzmplM3fzJDDTmzAvkXHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d841f871f0d5a10-IAD
adview
securepubads.g.doubleclick.net/pagead/ Frame EEF5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmY8QQoGMZPz_EMPNzwXGwrL4D-6StZNcv6KFx-QFwI23ARABIABg_eiigfADggEXY2EtcHViLTc2ODMzOTUyNjg1NjIxMDjIAQngAgCoAwGqBOQBT9D7AkCSxNwmpZzQYxTkfmn4iMZB1_FB2rPeqHMmq_wVfoETZa8RQi69_V0cy6fSXHPY_h2EqZ7dWShBeJ5xU4ojgMfNnnIr3_znFK93mhkaw-GbFz02u-gcTObSLo8JIH7sYXciztAEudx6s_NiB8I5ZI5C9pA5nwKO9B0_JlpCcFTb296EMiH1DpyML1gFhxA2KhP1xpaoJLhkhP5LE9WfDajnfbhLUQ6mZe45jqn1WfcWo7KYjICyuzxbJcjjaMKgJQkkYdX5C0KIQ0B9JwXrRkK4T5HZyFVh4cwTXjcRJeEe4AQBgAa0kLy6iOeEn8cBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzY4MzM5NTI2ODU2MjEwOBjo7gY&sigh=6EejUnsy0xU&uach_m=[UACH]&cid=CAQSTABygQiD6teAFPgvFVNWr77kdDHD57ZzNyrwI7YKTf9OnUZDTEAebc64_qkAEh9_0mxrDbuC5xkDtq2jfKmBNzbB2wi3NHTrWLCvArUYAQ
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
ttj
ib.3lift.com/ Frame EEF5 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=7Graus_SHA_RON_EB_HDX
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-107.ewr53.r.cloudfront.net
Software
/
Resource Hash
fb5e74f6681a831445f88fee46deb22403d8bf0da680c7fdd99ad68f5d6057b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:27:17 GMT
content-encoding
gzip
via
1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
495
etag
"1f5e263f4d2459c322d3364dc5496ce1d7a6365e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=86400
content-length
2214
x-amz-cf-id
PFs14oykg3u9okJWvyZa5IERtwyIUBbRHdUta9Hta6UsDu96RYFvmg==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame EEF5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
79158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:36:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame EEF5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
79158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:36:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EEF5 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 17:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
166430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jun 2024 17:21:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EEF5 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:31 GMT
notify
tlx.3lift.com/s2s/ Frame EEF5 		37 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=ZIyBQgAEP_wKs-bDAAyhRgogySRnx09nJFa-gw&ts=1686929730&aid=37000276533921298888890&ec=4945_84215_526855_ssl&n=GrwEaHR0cHM6Ly9ydGItdXNlLm1mYWRzcnZyLmNvbS9pbXBfczJzL3YyL25NMWFYVFZtV0Zwc2RrZzZJOGRDaTFxM0RmWVNjRFdhbFJoVEh1dHlTNkFMZXh6UHA5R2VpZTZUZTBXTnhfSlZ4d1IzRlpvU2Zma0FFUHV6WFFNS3VXdEd2Y2NiWTZjVnR5U3RFUHNEQXdXdDFJUkEwVFdkVW5JaGpXQWxuckZwWmprMS1sLXNoenRyUExyQ3hCdWx5UVhnRHJidTRxRkdlSDNJSVA4b2VCcHdtYW5scm9IX2lNMTBfdWVxX0gzMWhGczh4U0FGMFJZVUNzS0RDVWMzLUg4bE85SFpFTGs2WVlxYmNzeU9GdjV2cXEzb242QURTRkw3Zlh4NnN1RkpueWVjMW0yQll5YjZGTWkyQUtvcVYtNTdvRkQ0RnNrVzMzbkgxa0wxV25uOWZiY0JYQlUyRXhkbUM5UDhSXzFuY2lBclVnOHp3U3A0UFdTaUdUa1dvTkFrc3lGMXg4RXVfLUV6djRDeHpMLWxZNFhUZmFmdzdRR2d5TmloRnBTc0ZtUTd5aDgvMC4wNzYveldiZWl4Yy02M290ZEgzbDZsdWc5YmpkY0NRY18wNUp1VXZTOWNhMUNWTTIxVENJaFdnY3JxeERuN1lPZ3hpWDQtQXg0MnBQamhfeTNZUXZsOWcweGdoZlZIYlZabVZfSTNDZHNhUTU0S0twSllJbHdxY2Yzb2VHTF9lWU5KNDRxZz9xPTHyAuMBCAASFzM3MDAwMjc2NTMzOTIxMjk4ODg4ODkwGAAgASjRJjD3kQVAAUgBUABgCmgAcLKNI5ABAJgBAKgBALgBCsABQcgBTPABAPgBTIACQZECAAAAAAAA8D%2BZAiBhpCNi68E%2FqAIAsAIByAIE2AIA8QJmZmZmZmbmP%2FgCgTiAA6wCiAP6AZADAJgDAKADAKgDBbgDzZUPyAMA0gMKNTI2ODU1X3NzbOADgLb2PekDAAAAAAAAAADwA0z5AwAAAAAAAAAAgAQIiQRSuB6F61HIP6AEBKkEIGGkI2LrwT%2B4BAvABHr4AgWCA8QBaHR0cHM6Ly9wb3N0LnVwZGF0ZS4zbGlmdC5jb20vMi81OTY5MTgvaW1wcmVzc2lvbj90aT0zNzAwMDI3NjUzMzkyMTI5ODg4ODg5MCZjYj0xNjg2OTI5NzMwJmlwPTI2MDclM0E1MzAwJTNBNjAlM0EwJTNBMCUzQTAlM0EwJTNBMCZkdD01OTY5MTgxNTIwOTUxMzY3MzYxMDAwJnB2PTRiZTE0MjZjLWYxZjAtNGM2NC1hMjcyLTc4MTBmYjg2OWQ0M4gDAJIDBDMxYWOYAwCgA5%2FLBKgDAA%3D%3D
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.41.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-41-163.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ Frame BEF7 		899 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2bc622c7a2e570d8bfa9cb0cf0aec04d63d684e0bd967561ace4a0b1a08a642d

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame BEF7 		94 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a479e742cee2a895641b335883ef83a813d553fb7d8324c3737f3ee010b69d6e

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame BEF7 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
b37c0031b83541513eb8ec712a41c94de5f764180241b2c93f3a0722e899d876

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BEF7 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731503&tk_flint=pbjs_lite_v7.19.0&x_source.tid=af885dfe-d3d7-4cab-a8f5-770afa64563b&l_pb_bid_id=8b67e78edf730f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2943245445814804
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2fcbb208bfabc76af88cd77b638fcf85edd50660e9543df0ea581e77b1b82cb0

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame BEF7 		36 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229fef30ea72e9dd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731503%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731503%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22108a3d298560f76%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22af885dfe-d3d7-4cab-a8f5-770afa64563b%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22abb47a96-1f62-4a3c-b048-2d77d62db15c%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60265c8d5fce12f8be1c6c371e68489dfe48356bc1b19a23d4646056daeefd12

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWs1vmclJ5c6HpVJniwBQD3jXmdhFiiRsXbhDoFJ2I6Nd3udlXnmceweu25mDIcrOCA2CieHRjNlYe6yTt1kkwf5pstQHog75n8yGMqhWHuvVBwZ8Mkmlzf2fscLyTq8tm7sPEWn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f87ff035b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ Frame BEF7 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53017831589&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame BEF7 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BEF7 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame 2E16 		94 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7a7fefcc71fb4f06e7e1bdde31a188fa361e027ffd98ade317834b1cbc014e3b

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/ Frame 2E16 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 2E16 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
76ec354ea485e2215af0e16e54fc5678f95b829ca19851fe744e4d93e6231e21

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 2E16 		769 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
09f792df813fe782a7f8c7d39ff723c65bf63212ff4768857e0bf97d9a47a060

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 2E16 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12223973048&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2E16 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731521&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bc161597-67cf-456b-831b-259284b3fc1b&l_pb_bid_id=129973dd0455b76&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40819487293098033
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71af6a2e6fdd4f20d5dca5131d5cd731a5492e396163aa404d476ef96546a4ec

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 2E16 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221303f5da3b79402%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731521%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731521%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214486555a5c63fb%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22bc161597-67cf-456b-831b-259284b3fc1b%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%225e604d6a-4b16-4020-87fd-7e352f1fa9b2%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c989a36869084f3fd2d299918ad45061f8036aee00fd5591f9e409e0d6aa64ac

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zol7Ff9r0G7yk1haRsF1BAiAPdyy3E9MZtkxfP%2FlE8EBudIYk0AXNzbTpftpCjkJvy2Pl25VgmOZmoF%2F9uTG5w0JEslZ5JKmHqRJ4J4fcPGOBML3q8ZDZE%2FWIdZF%2BIN14s3KEq5I"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f881f245b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2E16 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 1715 		970 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2386daca77d7103504253b070f7a6cd94f5bacb1050b740bd3fdc672b1624765

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 1715 		36 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223ed39b7da2b3d4%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731565%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731565%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b1add8598c2c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22181e7b33-fe1a-4f79-bd09-28d1be7e75fa%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%226f91970b-cb70-470f-bb6f-0f03dfe79cf1%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63df6b9f31920181a64b18f632e17cb82b3d60cb456e650ee8d55bb124e5415

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jweYsUs32pljvrpMHz4AswKTvvz5AJtN7e9PRbGZdGZstq891%2FC%2B9JhRgD6R3b6hvK9PiUEJ3TxPbSlnU0jc%2F5umePOoOkxUGTB7hP80DRqoK0ovpoZR42R8maBpCSHRIeEkFII4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f882f285b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1715 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame 1715 		94 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bdde7fad94d3c172a9d8a825aa6816a9e94ad9c01a045eb947e8490eae3f77f1

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1715 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731565&tk_flint=pbjs_lite_v7.19.0&x_source.tid=181e7b33-fe1a-4f79-bd09-28d1be7e75fa&l_pb_bid_id=10a14b338a5ce5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.895586371440591
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4756bceccb13546ea3a7d35f52e3b64c110280689bd255205097e6e620469a0f

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 1715 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
868effc99b534814601623cdfb53d74173a4acb5b29018b8d27dfb34d872a8b9

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 1715 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90549689570&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 1715 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bundle.js
ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/ Frame EEF5 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=7Graus_SHA_RON_EB_HDX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-107.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4feb275f4004ae990d74f2baa3c0d6afa65e3f69cccce604d7048767bad46a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 20:57:53 GMT
content-encoding
gzip
via
1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
153459
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
61102
last-modified
Wed, 14 Jun 2023 20:57:30 GMT
server
AmazonS3
etag
"4a9ca6a94c52e98733c348bf159be078"
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
VKHgbc0oS8bz3l96uyAUHbpOF73DWhHi80puMM4uA1lGlPdNWJ7kYA==
cdb
bidder.criteo.com/ Frame B60A 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43819433416&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B60A 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731557&tk_flint=pbjs_lite_v7.19.0&x_source.tid=13b3ced2-f7d6-437f-bf4b-0963312ad9a7&l_pb_bid_id=4153a21ffa267b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9813390474986403
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c2ec44e1d015de813b1d9a248f7abe1321fcefd6647764def27ef01679e0a55

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame B60A 		36 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2255bc53cea74625%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731557%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731557%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22652d4c03857f48%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%2213b3ced2-f7d6-437f-bf4b-0963312ad9a7%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22efe9ed4c-f4bf-4b9d-8090-ad63902c1401%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb6eaeed11d520e77144180382bc820c09182eadcc0190844ba85bc281783981

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RSOn%2BFGxKSW%2B0y8iF7W9edLgZ9DW56AhW1eia4tRKHGPa%2BsX7eBGfXBow4h51N%2B3%2FaVAWfUSZj9G85%2Bzvjyi%2FCQJTWKXiHfOk29z48ZyI5t7Gqnov13Y%2BOGyyNtXOInNMMwyoQ7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f88affb5b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame B60A 		712 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
abeb67953851ec05ae08d09d5025ce06106eb80e8d2c51ab1946a36cb1e1419f

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame B60A 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame B60A 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
4b39099d5375a160c795a06804ad144d9ea750dc7d04819fd446ee8e0bbc763f

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame B60A 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ap.lijit.com/rtb/ Frame B60A 		94 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fa9c3704cbaad2da2c3219298095afaa8d84dcd4c7872f961e91f180b5f9deff

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8904 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 8904 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 8904 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
1f182e3c90e2679c21f12f4538c28083fd981b5c193aa08962c3d59668f757cf

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8904 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731638&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3a16d635-4107-4456-9755-d20076e20349&l_pb_bid_id=850b5218e14e0c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5410754033026097
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
592abf8db68d3c029b375f195e445d5f2ea47c162e6e8c1c8c3d4d6dfe113d0e

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 8904 		35 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229accf8eb9b512%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731638%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731638%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2210087211e811819%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%223a16d635-4107-4456-9755-d20076e20349%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2240c3f83a-00d4-4040-b018-1555d0d4fbd8%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e7f3fa1dda0dc7058427b5a78c39cbbcafb31504364a3f2e09dd0b7192cb7e

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmxk7O0fVcHsKDt41iT1ip%2BGAD8Dqu58SVIu5TdWQQExdWbtI3lQFKiWYAPx62A5D5wKM88XkfQM2xTBhhdWuO8YkCigHrSg6%2BCQE2rG1%2FUXG%2B5s2%2BUsuEj2dw%2Bs4hTqwVBRZAIE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f88a8015b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
cdb
bidder.criteo.com/ Frame 8904 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25983661891&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/ Frame 8904 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a843e2975495633695633439e69191c8adcd09e11fc11f37311819e104c9b771

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 8904 		94 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ec7f05ac140982f99e62b10db5cacf2a6b4413c9ece1c9417a9d19be19330b54

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
pbjs
htlb.casalemedia.com/openrtb/ Frame 09E9 		35 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213aa07f058291%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731594%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731594%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222bc0d2269e99d6%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22242deec1-8106-43cd-a2d6-cb277998b4d2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%22461ad16b-a788-4033-baa2-c675b2df9c86%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ec60201aee3600f6c66b9f24c232384d0225b9fee9094b1fbbdf63a374c875

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEffE9%2B2qC4lqYZIqcsW9tHXj7l7EjewX%2Fe79J8xeHx6Tej7wnpXTCiTJ%2FguDd8oI6orEk65a58EKAJuWlI3dN0pUsTai7EoQe05lVKwY2rju0lpxhxTkEyTa7AwggiABoKJyK98"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f88b80a5b64-IAD
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 09E9 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731594&tk_flint=pbjs_lite_v7.19.0&x_source.tid=242deec1-8106-43cd-a2d6-cb277998b4d2&l_pb_bid_id=400fb5f622139d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.836609458022737
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
760f2167cd5573f69b6ef2c54f8997af2c761848b6948071a18c76c60c7451d9

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 09E9 		916 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
472b139b56ec759d301f483a7e69eb35b07a19680063a8436783f5fecd8d9f0e

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 09E9 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 09E9 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56844430393&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ Frame 09E9 		93 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4a61b1c2288c15b9a2f03e495ee3ec0eaac64672351e64dad081a46e678bbcee

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame 09E9 		993 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a7d58f7da11777facb13677b969c0c5fb3086761608707a5aa54634d781726f1

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 09E9 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
truncated
/ Frame EEF5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c0dd82887a8f09c4469be3df71d6d502b41337fdcc6409a75750d90ec9e74e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
pbjs
htlb.casalemedia.com/openrtb/ Frame E455 		36 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=543957&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221808b43a1c8e54%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.dicio.com.br%2F%22%2C%22domain%22%3A%22dicio.com.br%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dicio.com.br%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fnucleads.com%2Fr%2Fp.html%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22adpn-adtag-1686929731679%22%2C%22adunitcode%22%3A%22adpn-adtag-1686929731679%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222618511d40ed9d%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22543957%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22b98992a0-96eb-4918-8bcc-f62543cdfb6e%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%221a3555ea-7318-46aa-bb14-30a0e076fba9%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpone.com%22%2C%22sid%22%3A%2229402d77f796a9ae82f7%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e8006b3f9b532fb5a1b99133cd080c6178debd2238d48e921bb8808c463588

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X05mR3K%2FaT6M96cU9rf9nJta1S8Q1kL3vfhfP6G8wMgBPXyT9cH4%2FakipSNOEVdPhWk%2BioPuXW9vBj7%2BVnNyZtqRKVpQgRQ%2F4oSI5%2BcKY8ZX3%2BCTEFozaHzg65a91EEJWPZHIBgB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nucleads.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7d841f896b0b597a-IAD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame E455 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E455 		94 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
67e5e57ab839b10e8a8b730750111c01b3ebe12c2af2f5a5df5cc9ae7d1827c3

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nucleads.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame E455 		1022 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7183f83f0d9c05c30dc75385be94c5e6ccdf3f01ef489394b63885377ecc70bd

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E455 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,29402d77f796a9ae82f7,1,,,&rf=dicio.com.br&tg_i.page=https%3A%2F%2Fwww.dicio.com.br%2F&tg_i.domain=dicio.com.br&tg_i.pbadslot=adpn-adtag-1686929731679&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b98992a0-96eb-4918-8bcc-f62543cdfb6e&l_pb_bid_id=105c2dce653f794&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9336927174645684
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9052def9685d1eccda18c0c50054ce1b5ba8ffc9b6a9829ebe29c4dd42f1b517

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nucleads.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame E455 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=85279338301&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E455 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nucleads.com
date
Fri, 16 Jun 2023 15:35:32 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame E455 		826 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.144 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
9b23687366dc4fd96863df41dd42bc02cebcea90805998c44c89ef613a356da8

Request headers

Referer
https://nucleads.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nucleads.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
r
eb2.3lift.com/ Frame EEF5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&pr=can%27t%2520access%2520top%2520document&bc=0.076&bmid=4945&biid=7169&sid=84215&brid=575154&adid=526855_ssl&crid=129866496&ts=1686929730&bcud=76&ss=5&caid=0&unid=0&domain=6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.dicio.com.br%252F&rr=creative&fid=10&rb=0&g=0&tmplid=74400&cb=25281
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/ Frame EEF5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&peid=1&fid=10&tid=0&cb=63001
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame EEF5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-107.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 02:01:05 GMT
via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
480868
x-amz-cf-pop
EWR53-C1
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
K1CYeloYKePiAQ1oaIP5uMGIvxcN9ftjHhYfo1TLXv1vsDZK15Brvw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame EEF5 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-107.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 05:11:31 GMT
via
1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
37442
x-amz-cf-pop
EWR53-C1
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
Gws-rHVbhNoZk-q521CFwZ8f4SBJ6cTZrBPcqMHujFWE1pB-NQT1XQ==
ctar
eb2.3lift.com/ Frame EEF5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&cta_render_method=1&cta_render_text=&cb=80727
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
logo.png
d31otfhas71ais.cloudfront.net/images/total_restore/ Frame 82D0 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31otfhas71ais.cloudfront.net/images/total_restore/logo.png
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:7600:6:1e88:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d9f9eb2d46ae85b35405642aeafbb3d07264df318e51ef6ef7a87dc1648800e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 15 Jun 2023 17:06:49 GMT
via
1.1 dff867205390cf91b170b9bf1251e39a.cloudfront.net (CloudFront)
last-modified
Mon, 14 Jan 2019 11:34:48 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
80924
etag
"2375dc69c9ed6c37a7931de10b8fa260"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4483
x-amz-cf-id
Be6VIO19JM6h6blW0fp_coJjgCXIDTkJ8xErY8lZLoftYRN4g5tR3Q==
aop
eb2.3lift.com/ Frame EEF5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&pr=can%27t%2520access%2520top%2520document&bc=0.076&bmid=4945&biid=7169&sid=84215&brid=575154&adid=526855_ssl&crid=129866496&ts=1686929730&bcud=76&ss=5&caid=0&unid=0&domain=6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.dicio.com.br%252F&rr=creative&fid=10&rb=0&g=0&tmplid=74400&cb=29725
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
f277c0905cb214ec9c2f532a6d8907ff.png
de9a11s35xj3d.cloudfront.net/ Frame 82D0 		913 KB
914 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de9a11s35xj3d.cloudfront.net/f277c0905cb214ec9c2f532a6d8907ff.png
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:c200:17:b93b:fa40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e32456072f87a291a8059852c8b4debd0bdfda1c7bc649757a4c0bdf334dc7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 15:49:05 GMT
via
1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
age
85588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
934588
last-modified
Mon, 13 Feb 2023 13:13:49 GMT
server
AmazonS3
etag
"f277c0905cb214ec9c2f532a6d8907ff"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
ChSDTjmdGLvRkGGOgYYArK9ErJbfV0HNiJeOcjjIfkIaxWQMZ5fMHw==
xuid
eb2.3lift.com/ Frame 82D0
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=triplelift&seller_network=triplelift_&bid_id=7b828910-f3d1-4bf7-936a-3641d89c2c00&initiator=me
  • https://eb2.3lift.com/xuid?mid=4945&xuid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&dongle=31ac&gdpr=&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&dongle=31ac&gdpr=&gdpr_consent=
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&dongle=31ac&gdpr=&gdpr_consent=
date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 82D0
Redirect Chain
  • https://x.bidswitch.net/check_uuid/%2F%2Frtb-use.mfadsrvr.com%2Fsync%3Fssp%3Dbidswitch%26bsw_user_id%3D%24%7BBSW_UUID%7D%26bsw_cookie_age%3D%24%7BCOOKIE_AGE%7D
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&bsw_cookie_age=2
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=6c8b0ba5-a158-47ce-9300-413aabcb94d3
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&expires=30
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&expires=30
Date
Fri, 16 Jun 2023 15:35:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
analytics.js
s.update.3lift.com/2/596918/ Frame EEF5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/596918/analytics.js?pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&ai=575154&pp=9502&si=8062019&sr=5&pc=75167&di=dicio.com.br&dm=300x250&md=1&gt=6251999&c1=4945&c2=84215&ti=37000276533921298888890&cb=1686929730&dt=5969181520951367361000
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
2f0ba82a888510f5775530f26c9831427b5e608ece927f9f5dac863cca992ee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2899
Expires
0
moatad.js
z.moatads.com/triplelift879988051105/ Frame EEF5 		324 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/triplelift879988051105/moatad.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a438aafdd1ec78075f147cac89796254171fa2f898803b18324de9613c7cc1c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 18:22:36 GMT
server
AmazonS3
x-amz-request-id
52ATMDHJVQNM3009
etag
"4732ce4dd37728f46d2664cc602aff2d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=57516
accept-ranges
bytes
content-length
112140
x-amz-id-2
kAsH/z63IvevA6p6WoiBcGCcjTJkuDm24ok+DN0Kg6hPqoaT8lE4JLPxDnsaEANRc9IzV3gKoMk=
tpvpx
eb2.3lift.com/ Frame EEF5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/tpvpx?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&pid=75167&unid=0&vid=1&sr=1&cb=82605
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 78EC 		663 B
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNW_BnbBDTpsmTg9cQBbbQxLCl0LSRiotG0TeeKIWELnm7c46VpgDYCBPT-FH3ovWb4qBULRNGD-aepzVGKoTr2d4a9d_A
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:32 GMT
expires
Fri, 16 Jun 2023 15:35:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1B88 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B88 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArtpCM6iJ2clu_R8TpDiRrA91lBERxCVEL5gfxrAsNDlYgrtZCRVlkj53Gd5WyTH19l5VG3R3hIoQ9gpOgdVLwSyrLqae_x7eYL4eApi4TfANfuVE
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B88 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2944646475514723901&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8553d247-2b2b-47ca-af79-bf26b4327531
beacon-iad2.rubiconproject.com/beacon/d/ Frame 1B88 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/8553d247-2b2b-47ca-af79-bf26b4327531?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563B894F7085B923A312BCA8BC7DB1FDC985A70B7642B8EF5C81E2553DB996C7654D4BA14A5DBA3A9D49E9F89206FC79094AAC3916B032832862724495B58DC95706820D9B9592B2B40DAA57DCBD924C4BA318201F004F9CB2698977F1C6577E50BEA0FDAAA192B673C5C0B5875F3A9EABFF6B544121586C252A39C80475A490F8C2F3B375703ED9E23834EC44820F005591599143D1FEA454C6F515AE69909D6DCF3CD1B4A728B378028AEC7936C6CBCE7CCDA10306204D320B
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 360E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dicio.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 360E 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1793647499183307&correlator=4387759831223897&eid=31075332%2C31075351%2C31074762&output=ldjh&gdfp_req=1&vrg=202306120101&ptt=17&impl=fifs&iu_parts=21671350435%3A1062898%2C300x250-dicio.com.br&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3215632407&didk=1653906094&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D201071efd1ea6a%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D201071efd1ea6a%26hb_bidder%3Drubicon&eri=1&sc=1&cookie=ID%3D887a22356f4691fa%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA&gpic=UID%3D00000c4fd70ac71a%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ&abxe=1&dt=1686929732283&lmt=1686929732&dlt=1686929731032&idt=582&adxs=978&adys=2098&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=ydkjucl3hruh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.dicio.com.br%2F&ref=https%3A%2F%2Fwww.dicio.com.br%2F&top=https%3A%2F%2Fwww.dicio.com.br%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=350313747.1686929729&ga_sid=1686929732&ga_hid=1133674727&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGRiOTJhNTg5MTNkZTQ1NmIxNWY4NDlhMDQ1NjIxNmQ1MzkzODI0YTg2OTY5NzRiMGQ2MzYyMGUxNzNlMGJiZmQY49HjpowxSAASGQoKcHViY2lkLm9yZxipzeOmjDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBei9wZHl0UkVJREJpLytXeDZnaXloRGRoeFpCbEJ5NE9tcUp3Y0liejZXaWd3MWkxOCtjY3pMa3g4ZlV1bUxzNXQ4ZU5GdUVUWW5TcW8yMDJ6aFdrbEFMckZxc3JqcXIwUWdMS3pObm9QOW5YZFhlSG1PSUlwWXp2UWU3ejlGZ0ZoTE1zK3ZkZ0U0dWFYV29sVHZob3JyTU4rek9yS2JtM2RlTGNDVGlFN1I4PRjt0eOmjDFIABIdCg5lc3AuY3JpdGVvLmNvbRiFyeOmjDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWTBoYWNYVlpPREZTZUZOWmFGVnlkbEF5YzJ4bFp6MDlJbjA9GPjR46aMMUgAEhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGo.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8505d2279659bc62490506db71777bae8e7c2de8c6b71e6d230ddb265e85cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10581
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 360E 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8b35ea01f8094fbc49711b0cd1a28b5c28e9ae2c05ae393f1b96f4b70f258a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11330
x-xss-protection
0
container.html
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E080 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:32 GMT
expires
Sat, 15 Jun 2024 15:35:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F6D9 		490 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNXqgaewXII_3Kb-UQPSNj3P7I6UcW99w6ScSCUjvnnP8FOwLSJjjvK1PQVLiOyaTKjsv_6fHYl30t5UtRz2Jxsr6AXh3w
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
170
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CF11 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF11 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSTBD6Ep1mFwIQJ9M2FNh9G3MiPO1fMfMe33SAMBdNHVz98BvVZTecO6jgQanIE6mxMnb_Cvw-y67_jqHFHQ3362qJERyL1wfeYom1PM7-Pjtvhq0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF11 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11643965540367773237&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b5fc1418-0c54-4913-b83d-0cf4a782919d
beacon-iad2.rubiconproject.com/beacon/d/ Frame CF11 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/b5fc1418-0c54-4913-b83d-0cf4a782919d?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563B369AA6C07E3D42CE0CEEE4C68C031D97DE52279F06DE0FD6CB9825D0EBB6560F692BD7E673CB58B6113A3E046B4C128E53F7456110BEF6D5550235CC2340B9F341A91D46405F142840819A99855DDA8B3C621D437F4A41039BFD54276482CE8C776BECC6E38DB862FF514DB902D4657189BDB7DB660C0F4BA4807159A91CEC88C2727C7EC15769B0CB5ABB06DEBB2D9B8F696A42F58207BCE5567D5B3D44E2812DD27DD44916EC750F12E519DA16CCBFE82A954C1004678A
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:31 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 696D 		560 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNUxuQBm1wU_mwzo59vYHf3JUrAC0wWkYFQOdTpEOkwlGJ2rHFNEDZjGnevov0RMtT6qrJtxJHn9ZxEl85Hg5AaeCGj4Jg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5ca18e2886474b70e2a549f345e739dd25b77d0c0203151582a1f7849047768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 862C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 862C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFkbTkzCtYvlxcutQES9oKuONoRk36XGvdsIEuOAO4wy9Y-W_rNh3W9rDKgvb5xHfxFN63wsOoviXe8WX8B8hmzUc6hJaNHbCGrvrgzyeo8rd3KxU
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 862C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8690343587064380054&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
02a9ee7b-386c-44bb-89be-65da11cd4e7f
beacon-iad2.rubiconproject.com/beacon/d/ Frame 862C 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/02a9ee7b-386c-44bb-89be-65da11cd4e7f?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563B764CDD432E20879A6609F59305BBBF9F4CA5DB853A1B8330422978D034F0CB0E987D94165B2202B1E9F89206FC79094A762B5AE05408A23294BFE785B595EE1AE6088CF4473F8EC72E3BA37EADC2324F16F0BEE87CC029F442777E267492D4AB8CBAE6072433FF5EC0B5875F3A9EABFF6B544121586C252A39C80475A490F8C2C35FF09644D2B13FA16F2FCBA90C425EE5F3853B10CD00DF0EE0C907362BCAC7D59D0F6DF1031570BDD6D327F467A5C5CDA10306204D320B
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:31 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
ev1
eb2.3lift.com/ Frame EEF5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&pr=ZIyBQgAEP_wKs-bDAAyhRgogySRnx09nJFa-gw&bc=0.076&bmid=4945&biid=7169&sid=84215&brid=575154&adid=526855_ssl&crid=129866496&ts=1686929730&bcud=76&ss=5&caid=0&unid=0&cepos=0&ceid=0&cb=16400
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame DB73 		676 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXKH9TZJAaSLqN8Tq6xY0kM0WACpY4C-C1zizUkQRN1PEYnTiuDtUrlpgtT-mWx4MK0f7VSAAPjhBeiY6Rl2DBnrN7JGA
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
267
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 90B6 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90B6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzmLvoM8P9lO3FUfkJL1isEivCuiyPDlbjCsUhZV5JEV5mfj9EC2rjldzGWb5MelxXFxIo-fTIJ-Xbx6heOPrYZnUKtCgcpvkcBo4qReTlgz-GOw8
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4054183949209866714&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2e100ed2-648a-4c80-92c5-368d1a9036b8
beacon-iad2.rubiconproject.com/beacon/d/ Frame 90B6 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/2e100ed2-648a-4c80-92c5-368d1a9036b8?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563BBD009668151572236795DD26A8FB3B0E465F1236691C24888DA6475BE0A5EA8FF0EAC6FB4DF08441E9F89206FC79094AB9FD744EBD47D92B47E7487E7EF63BEE820D9B9592B2B40DAA57DCBD924C4BA318201F004F9CB2698977F1C6577E50BEA0FDAAA192B673C5C0B5875F3A9EABFF6B544121586C252A39C80475A490F8C229B94CCFFF19EA92DB6BFE1FF6A30841A459CDCBB63E2CC0EA675470D617F20F2D48EBF0C508BC1756047F5391E3D708CDA10306204D320B
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
cs
cs.lkqd.net/ Frame 78EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEB5Ku6Iasf--2BQ_U300KDY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEB5Ku6Iasf--2BQ_U300KDY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNW_BnbBDTpsmTg9cQBbbQxLCl0LSRiotG0TeeKIWELnm7c46VpgDYCBPT-FH3ovWb4qBULRNGD-aepzVGKoTr2d4a9d_A
Protocol
H2
Server
146.20.128.169 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEB5Ku6Iasf--2BQ_U300KDY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 78EC
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=X21qUlBYcWNYY1U
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=X21qUlBYcWNYY1U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNW_BnbBDTpsmTg9cQBbbQxLCl0LSRiotG0TeeKIWELnm7c46VpgDYCBPT-FH3ovWb4qBULRNGD-aepzVGKoTr2d4a9d_A
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=X21qUlBYcWNYY1U
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 78EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNW_BnbBDTpsmTg9cQBbbQxLCl0LSRiotG0TeeKIWELnm7c46VpgDYCBPT-FH3ovWb4qBULRNGD-aepzVGKoTr2d4a9d_A
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 78EC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIyBQpGLLvl3l6QCbO.IfgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNW_BnbBDTpsmTg9cQBbbQxLCl0LSRiotG0TeeKIWELnm7c46VpgDYCBPT-FH3ovWb4qBULRNGD-aepzVGKoTr2d4a9d_A
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG_nB1aXc6TtVIa3MtT5oK8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F6D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGMDv9eZYmKaYCsHbiIaTZI&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGMDv9eZYmKaYCsHbiIaTZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNXqgaewXII_3Kb-UQPSNj3P7I6UcW99w6ScSCUjvnnP8FOwLSJjjvK1PQVLiOyaTKjsv_6fHYl30t5UtRz2Jxsr6AXh3w
Protocol
HTTP/1.1
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:32 GMT
AN-X-Request-Uuid
6e96e3a8-0fed-4465-b0eb-c2e4a4d01a08
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGMDv9eZYmKaYCsHbiIaTZI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F6D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2ODc4MjQwNTk4MzU4MTkzMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2ODc4MjQwNTk4MzU4MTkzMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNXqgaewXII_3Kb-UQPSNj3P7I6UcW99w6ScSCUjvnnP8FOwLSJjjvK1PQVLiOyaTKjsv_6fHYl30t5UtRz2Jxsr6AXh3w
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
395a7d72-91f6-4eee-b4e4-04e1e1702a05
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg2ODc4MjQwNTk4MzU4MTkzMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F6D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNXqgaewXII_3Kb-UQPSNj3P7I6UcW99w6ScSCUjvnnP8FOwLSJjjvK1PQVLiOyaTKjsv_6fHYl30t5UtRz2Jxsr6AXh3w
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDVv1Q0-3CtfvmgmiYixMyg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F6D9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNXqgaewXII_3Kb-UQPSNj3P7I6UcW99w6ScSCUjvnnP8FOwLSJjjvK1PQVLiOyaTKjsv_6fHYl30t5UtRz2Jxsr6AXh3w
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZlMTg5NmUzOGM0NTIzMzgwNzZhY2ZkN2I2MzQ3ZTc0YWUzMmI3Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 360E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:32 GMT
pixel
cm.g.doubleclick.net/ Frame 696D
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YmI2YjRlM2YtNGQ5YS00YWIyLWIwMDctYjg5OTgyMDMyZTEy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YmI2YjRlM2YtNGQ5YS00YWIyLWIwMDctYjg5OTgyMDMyZTEy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNUxuQBm1wU_mwzo59vYHf3JUrAC0wWkYFQOdTpEOkwlGJ2rHFNEDZjGnevov0RMtT6qrJtxJHn9ZxEl85Hg5AaeCGj4Jg
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YmI2YjRlM2YtNGQ5YS00YWIyLWIwMDctYjg5OTgyMDMyZTEy
Date
Fri, 16 Jun 2023 15:35:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 696D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNUxuQBm1wU_mwzo59vYHf3JUrAC0wWkYFQOdTpEOkwlGJ2rHFNEDZjGnevov0RMtT6qrJtxJHn9ZxEl85Hg5AaeCGj4Jg
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJo2H-IYALbAe6yhzvkxcxo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 696D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNUxuQBm1wU_mwzo59vYHf3JUrAC0wWkYFQOdTpEOkwlGJ2rHFNEDZjGnevov0RMtT6qrJtxJHn9ZxEl85Hg5AaeCGj4Jg
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGZiNTg2MmEtZWZjNS0yNjQ3LWQ3YjMtZDhiZTkxYWVkOGU3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame DB73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
42 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXKH9TZJAaSLqN8Tq6xY0kM0WACpY4C-C1zizUkQRN1PEYnTiuDtUrlpgtT-mWx4MK0f7VSAAPjhBeiY6Rl2DBnrN7JGA
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:57:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEKtm7HLZ6JZJF-T_kClkVVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DB73
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFDQTUwRTktN0FBNi00OUUyLUFEMUYtRTI5MEVGQkVFMjQ2&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXKH9TZJAaSLqN8Tq6xY0kM0WACpY4C-C1zizUkQRN1PEYnTiuDtUrlpgtT-mWx4MK0f7VSAAPjhBeiY6Rl2DBnrN7JGA
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DB73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPbEnudTXcjZN0_h_zgjPSc&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPbEnudTXcjZN0_h_zgjPSc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXKH9TZJAaSLqN8Tq6xY0kM0WACpY4C-C1zizUkQRN1PEYnTiuDtUrlpgtT-mWx4MK0f7VSAAPjhBeiY6Rl2DBnrN7JGA
Protocol
H2
Server
23.52.160.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Fri, 16 Jun 2023 15:35:32 GMT
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPbEnudTXcjZN0_h_zgjPSc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DB73
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTliZDM1NTgtY2Y3OS00OWExLTg3NzYtMzkwNWQ5ZmFmMWNj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTliZDM1NTgtY2Y3OS00OWExLTg3NzYtMzkwNWQ5ZmFmMWNj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXKH9TZJAaSLqN8Tq6xY0kM0WACpY4C-C1zizUkQRN1PEYnTiuDtUrlpgtT-mWx4MK0f7VSAAPjhBeiY6Rl2DBnrN7JGA
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OTliZDM1NTgtY2Y3OS00OWExLTg3NzYtMzkwNWQ5ZmFmMWNj
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 16 Jun 2023 15:35:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7369673561315&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7369673561315&version=m202301230201&ct=76&x=8&cor=2944646475514724000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1B88 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz70s7EyerXW3sJYXSlmLWj7KLb3KDkh4-eyHjcVo6NPKPqhXbHK7M3NjHJeKV4JKzScGFwI42vN1Cu-llG1Sw87I7DfKxC6nshDjq85kSpe7wuJ0lyAgQJMrx_vkyxxfmM69xp9KuHf9hOvkAb_Nzg1PkTCLJ3EIND8yZn--kbA_sjSM&dbm_d=AKAmf-Agbx8H2lWjwleWl2Dxzddiezwe7CU0oBv3FG3y0oWG2iGFopCz2cpdwfVLoM1aUn0NXTM_1q54bpeFv2NaluGJxw2PgEfqFBGRMZJJloBJkHTEKKSSPyksLcqSViHV43ziHv_3ZTqYKfb8OUk12HtQVQKQ4ezGN9ZLvqhHhz0TNqFzTVImwrvIs0voGz28-Tm6A8gnTqsmc3KUscdG6Wkidx5Zj_40wZgwdNaQeYnGWU2g6vJ1vFf0qVU_86P4DaND5JDq5DnaWFGmsUn2-ShEp2h-Xa4EHfGZrWE8-C4cdqOEZrD7dhJY-DGS9OWfnUpSfg1Lo7LuCCaqiV2oG-PMLFxhgBR8HoJbrSZe1cYhvmHElOTtLds3cnXqVdQAhPX8fn1trEiMmtX-u2sSXREojWk8SXouLUnSUqkzZ4zj7VQyKlUkLtW_E46qoObodPxy3Jjtj6k1iaZAJ2Oism6USCaIc3mcmRogSPVvHa1wVb1755SdIdGAD434M7Qna67YFE7LrVlSW78xSsBo0roN-KQI3gwyp6IX_TvOxUvFVPPZJ-dhcRQHRMi4HxOpDddeByrVlNQkT37GV0lSxj3VuBcTlHEw8aDTjszo8EOBWl54d2_u1h1GWmPn9EDaMva2N4ddLy2dwhvlgdk4jc1UZZKgf1NG9NVmuPSJN654ySEPaP2gH197xJs4yqEpBPZ7ik3bJIgL17tKJwL2u6NfogPKnVD2Gz7Sle3cXvABvz2B1Dof6ODQlQiM2_3HvjWB7Ty4CQeUgAPLG17oByfsz0mLJ2vUyTaQpJozx5DJKmICHDFQ7EZQPWyVXPPvHCELmbOOe2j5ptvMHbitx0vG0fG4-cBVaim9zve8_An-FKVuqS6rsINfftcpCRt8FMWvQmaZkTeFTeSJHHxexoQa4Hi_nrPZF2F3nPo_hUsfPurHBp9X-3pXmuk1BlLWwGJSCaieVTObR-PZYGd08uXAQcap0viBQyZoTa2zPgOvKoU0ofa7sdWuQd2VH5oqdTIYvoSgupJalvg7jhKnzoP_tNsRbi5MPMbZAtlABF_4q3btaXYRoE2tSTcK42gj0XImrpwGFYABpAJoIfkxuNv9emihbtFI4rjQ0GOY5AsjR1CDzoTZGsNx80umsE4J7HBQunYWIeQNYGhclKNNJolJ2IfO-pkfuf8vRjNIoWCSSV-EN1fSLHHiiMFKC10T-92OUdXGiw03aGIztpCz8WJSA6Gqa0JdJpknE79nQcZ-sylIXJUtErpWZnx32C4evDT7jpNaGWuLx0PFLARsEupBPzc_OqBgIcp02E9xnY3-y5EzxPuwNRFnTWuiAYL7djVITjUDbXgOvhwvwv4zGKJ0r6qzvDdC1fWMhiA2A1LNc4ZlQSYVzaI5DYkOW6CpXvYBWjdP0ZM_UP_oSCMTMJep5zg3SC5gi_gyMRgNBOIlinJZ3EUbOetwikXiQWrE-IwRkUBCXAI8KEs6fcLzJPYdq3Eh95qYeHrx-nFeOWIfLKRA35iqjS9bysaXMuDmqzN-zWm2Anq3JuTUnbJrcp673bO7h3tOLSCT0KdHS5ARI9SmluWyLNdYxcZFqmGfeAFBGl7YvLvAQ_ajJ2Xr9FgOtqHBYWWpJA9_rmHtB3Xr76BKmtte1Je5swQ0l825ZiYt7nnyTZUlJyEd-Jd3M7xvRnxv3OUFKSFGmD1zRFgtXJF7TRvOZhJS0yAyQceUn5Qs-wh3_PhKiZXIwF5K7pkA1Pr9OKuqhtwJbvExNd90zprYX5WvUD7uJ1qUOnsAzt6vW5Mai3Rd6NO-V3KlII74l9WPsHFa2GWibzrPYTPcGn15O3vOQBhAdqDoDZE0EJsb8CrZW_p_rJuvC0rrX2G_MHX6CkJR2CI2rXrl2TR7zWL_3t8eFD2I9WNq4SZjvT0O1A8v7julbSaI5jvLapDH6UHMAog6GGxK9t9h69aO5OfTw7w0xpt2N12HTXgHXvCC6i5ciI4nJJOX1v970xQ3qNWGP-pspcD9hjZOOgxBKzBKEkxI4mbLfwQFEIrW0XrhcWPgzdaV2DQWw-6BgpElX0Kev1dJAkkw0Pd6ZBf9cQXEhv4d7c6xbjPLd7IavdzNrx6f-AmEBr_It9ECSH6TqdEtfOg_SJRV0m97-cIdntIUYTC6Vk3yRXOphf2I-MtbQdC9LeTp6DhHKk_rBxQU6HwAXRNLCWdXvlwWgvpCXej6xkoImA2hFr6uIGOEqXcLovRyQq0maqpAvcQeiKcPn_l5CTChI_Zqd0X7_MlWmATaOpO5_jiW-dNWlTMImd5U35jEGWgJanZkfKtzWfLZhsja6sEYSATM5gYxXNOQRGTUoxz2d6fqlA9kmbWXy0b2U8G3k1WW-oA_44A-V46tJsU-NqghMlQ5ktI1Q_YP59nhn4yDzuwlNLQcocnx11PkZuK0dxCk2l0WjZtcuXU0KAIslIDmbWbIHfvhkfHkR4sQ7KpqsISfSV6tgp1vU1_7Lmaj-Yja3FtENCSmRuwkmBDSsUks059ze-fZOpxYp0pp36IN1vIAKhiBLV57mzV4IBIBMIoWzzvfqx92UD9T9WbZGlagLSjU9bE-qHqlHY-k174aSY59zIpvQOMDrx1swRkRwTwZsKh-CUra0a33XGZSs8npCC7gtXXO0ZJB0plRZSVkRSoXZFw3q3ArHW54Q-gLKfP6Lx7ilgNL316kBDG18n0VUZmB4dtTY41j0Td-MvlNqy2h6IjQe304pzV4RTb36vZKkV4BFUrPWi-pmACD8UkDjWRcyGysG3c1_b9tOdcdtwxk-lSUAgPe5dhSwyOa_OkSSSaMGn38jh5_fisFlXt7YQ7nwuakU7w-LqBmUxVK0BUfF-GmVa8gH4106HCWpzgC-1nnZco8OtwLFp74gCHlkNKtiXPE83TjyxO12nFTPVQCT_AEwxiqSm8n0miPHO-OxDt9oA9U9UUWJyh-ciFdbRkRz11X2ujlDyBE1GkEBaaZY9hkmdxnoYjHLsBORsEa8_AtM7eRym-Cy8jRR-Nb4oCsR8_8__Yyz2Y9mQhtTWDkX_tCwfIlsuyLSPRV-c5AV-D-BmLhWzLvcJHUpmtrGG-SWTmcIRPXpQOGyU18S6xkNEU-YvR4YyiViu9op_MWZKlgM2mQ4g3WHaROnGq2ZfAv0FE-75hejQViOFHfeId0yLjw1D56qpX73KPFKTvH87y2tKfx-ufB1AYA1q2uFA2NzOoSsoKchP_S34Zh8Adkz1vhT8EgqLqRhUPkyblYn-zyCZJVrxym4AOBDEOblNLw5u9C1fzPRzFYLPjcjE6QPFE80s0pKAPOs7CM4QcQGy_f1DIWs-sheBdz1hlMXQOasw6VnLa_JvonAeB729PlynvzZCVFd7c8PGo7fDWdFZ1FoSfZEbtgj8yVwf-adl3q-KHDDNeqmxt0mO4&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDlbPR9-VaOHc0U0Kd5Kzg6_hMrrzfGFF5J3Dt68aIQb8oPnG2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=2944646475514724000&adk=3030632&idt=154&cac=0&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92765a644f7cf736a084526e91cf7c82bca2732145c5405c8f3c149247cbc802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37805
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF11 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=247986973701&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF11 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=247986973701&version=m202301230201&ct=76&x=8&cor=11643965540367774000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CF11 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsKNn9H0TNtz4owDL5wyKtgdNVlUH1XCTIet2Mnd6fLHLQq6qe049dTisQP58OowI82YO2EV4VDhsRr2yG8OgV12btv_lZXlDXFbpZKXKSJa5ZEApwTR6dD7nOpX_KqtuqUUluOct_BNK4cKatfRy6ESMhDSMutbG2z7r0wsdR-aM36So&dbm_d=AKAmf-CRwB7GDsCbhjtNmFEd-TF4nYfMemhS6hNUGO52IuFAY3zOuid6cAPHUkc59qGs4tesvlBaXmzy9uG-xBKX1rq5_sBegLOO2HGtwbzW3tJiUCXlYyXs9AqsXztPb1b7nStHykQPICXoDZu8GMQHMgZHf1peEGlrl_zFmqoBUWTCbISVfEzT2vPhqe_qkKb4Op18TzyMt1qXYiUpr_GDdU3dCj0NO3qY-OfrYun79EDB1MYS8wYuLFSWuggNi1N5PXvm4cGPdCHABLg3sKcn-2Ii7i210c39EWSh8F8o_M8QyyEe6AqU3wGu7mQOCKcyrAtZuyS1WVmcBe7De0NOkIF9zsXOfdhKbWCTr6m5h3HbKIzi3krTD6Dt8BsNvLiv530njhS2YgZQhfSQn4DCnJ78vI28O49J90E4Det43AIlB7MhBpOnvl3II69HMXZhwEwTupI2aVhDT0emc8CEe3Os-dPT8ZE63jWjLJSyDbmW2qrk1UoAQjGqHwd4bHS-FY3eanteiX9MUuzuKYXCHvQZz_M4OX2x7eEL5F4SKWrG2tszp-7jJjmS_g2BusXtOKjIYi4sjoYrVe7XL0-zj0WS3cvZyWbNvV5m-Vqgs6ZPAhh0zye9t6fP2vL-MLZ0XfZi8n97W3z7wXCAJqYF6pjejcCcKf-JyLIQYj0dFsiux_Qxk_7EzAo3RsglkI7GueSDJ75Wjhf5_wjK7sXq-oy-ritR-EvKNrsOKvTvKGE8ghH0Bll6x-YSmyRxO33pj5IM7pM3Ta7QZE_1mHMg3_bmNE6IJWBMCaUDDzi8ZJG99i0EEAz15q0gYyNgoUNDvJBY4MTKK47ehLgPFQ19UAapZ4CxAnPEx4BstnOwHia7PG6FzCRg0KJg9wAQF1H2YYwW0Gmw6Jd4dtfZPUDTftqUIFPvKdCMxuH59Cgm3rOhv6rt0uR7KXNxD77YeCKyXK63byF32ZqeLpdAKe1IcZPGTLZh_kTxUollqXU2zqPRCyddqJ9aNs-NHdfWP4cp4kJSHQWf53cjzJIEqiWfye5MY6SwBJTU-_fn42rcgfIyNNOsDa8d_TfnXrtZD5OQ-tb0OMCcUyFaGhvSzWYFMq9BUzKjtrvKz3YyFFDmKpF0-9JErwIpR7W2FBcLnhaqFvqxLRJph8kzvPmanWzeyIlwsh0mTdz39nWEGWdSiVBwoz5-AWc0UheYJWAn7MHp5KoqWIQrNgWyXlPFTGSGI77ul5q4jIhBNnZBAxiqbOvl9je6hp-3AufQkqlVJa8nUJaTRf0HhKkDp41VSy7ldX45mYx5mfKSjBOGKngBg1qQiN9ay7VDyCOYHsdimupzqdosTkWf6ZYqpSpjOIywb5WlDnzySD7LQ6gXdPMsVdd6eWF5fPk-GRwgPW90QQ7SFsKXLWkuRfS1blyWIjB97ifcGn6wsNpxroyqiw5AbRaR6DFFcEYBN9FG-34xEWLvPMhUj1mi3lTjj5PQ-YbM8C2W0dglG4mVIvQ8P9GK1p5o4mkJNdOyj6iPv3u3IFxk943F3S1r4rRnbUMM8-_D_o67YG5dVYMgwhBzdNVAcOnKfF0sOFPIQoABdK91v6zngRFbwVkvT3D56PhnbQe-y8GCTyorhNeKzY7iAd0jmaGUsQVjYJc6ZDkCbBkRBf6OhjICGvXNLjTO3vsTv1ZXulgIhRFnRra9FWtSNUCcm4Rt9jV1tZUcKz6yfuwMs1fwWmtBZ5HtLHh5XUvdYTC9fB83O0YiL1SzqCXwU93w0ysHtBTVVSiuHsi_GYWYb7H65lExkJ99EW9emDa-7P_jCpLV5G9g_bnWFjfyKcdVeKSCJ3aLeNWcyy8beV69wX0Dc0wSECXDyvlXnMXticN9NUGZSABrg-OICgc6P6kZgpPM9ywFDlLgIm8MO9PmbwoNow2rBC4ZYivqOoZ_bYiIGKyoBptiOEaUWavUg8_p2r8Fdik4VOFKvvH1M-IvpLzNwkg-4ZXdkvKcPM5Tv1swvvYPd6eqtoA6hjYx82ucE246ua7_Vrns8nTayeJpPSlvj5fv0UxllIyZbhGrSyNmGsMJBGBaRArrb7FvJzex5lQxuDBWpN1x4Zci6MzuedCRZi4dRrWgdQ2UF4PXFTq38giPhaZqESsmbEXKW14Ek5NggPfo4gp3e2J-E3IjlLJh1DbWcSX3TczVas3EdVbvsepG0p6D0mYL9pmgbhvzwn233woSPRDakdi5UCtFFYpWGNPT3mazuOr03jHWJq3f2SjteVm6_hjUSf3aJRdFq4G4x8rSSfzx5dhZR22QJ1U25URRn4V0TCpHFCBgrgF8ZmIULai8jd5tmVUNyap58jIq3AsKDhh144VNAdsJ8wwdldHIBdjD3KhvzDHHPiTIMFfuPZ3OufqDEB0BT4dn7IXVGsVxvNhXTAdr4L4LpP06NSG1wnauuOFkp_Kdfihn0ltj4Axf3bBG077bUFcT8QxW8KSoclili7TJJnAwq-5c2h0IPTKXt_Fyju1RFMNdenLTKPp0OUK3WHS_jzJjDO_htYUqsuf-0yMUwf0VnxrxeZbzAX0Cy3xvnpHTKQK5pifC8v6voT42gaHfnuGak1Retiwn_U-v0sznRTjzpU1KYd7b86IpIek079-FrmqxjqdZRztC0nLsdxhLnz0-DKOpcHo3eKq6WtbnqL9xZGVehs9jQwKFOwMAe-HrwhSd_LHt3IT3aetygcBuIrHnBVn52KMnxCeIm3C_xJPtTXQ3bqP2HzqSHJDGkQ8JO3oH-YjQa-dnryvYQzZ4I2R3bO8A1hgiwZULvcWgLN_sViUUDwXNMzJlrijlxjlsoV_8dBx7QmeMJ5EgdvL2-UnR9q_DnfB2-Z2yRNTYxKE2oqMhTNoGjbVjIDbieiXVA9aEKMh1YBXbxeDpk3frMu1kPR2kQoqWWTES2l7v_M3VLMT-s6mqjinevHxxycnsgOvnT5XeZLS_uFTkKwmY5sOdrhMr2YrdgbqcgUI4ppv38kELFIV8Tidigmo5E9D1lXiFtWndveBR6d6j1DwCY7SiRduZ-r1upK18V-7wErU0tzCzB9S64E01WmkRvibBWZuXpIsW8BiRSDD9WDhqHvd9AvFDKuyS1cMYnOW3IWPorid5qCr8WtReQCvhLMwceOwdTlie6kj5bXl3YGCs64vwTKMs1Tf1rYuxuxOAEobKVge8PJk2vU3Aos6HVsdwaYqIaQEEGnjPvArPXvN3suuioNV-EIp5hF9z5h6IfUX8laaQoJ9b5PMH6bIOQAwvAJyW_S34XmR4sAYivhokoFqpYuEcwI-4jIWjfnMwr9Y4F1Alb9M6SN8l_73w9277N6pzIaQ02yZEhgyb_2cP-EUNaqsi1f7fO6NLPxO0XZcvPPVpkKP7oUXLAyz1JVLGsGGMI8FN3SW_QU1njX_PJLZoW-US3b-RZ2c&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiD7N8ZYmUNXt4UzvhGreLXhRlUt-IBgjRkKiesRjikTlVmZdtGGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=11643965540367774000&adk=250276038&idt=80&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f4cb706432631eec1af15f5bf857a4a1fbe46d1b5c922aadf691644da951949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37876
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?oz_pl=1&dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&psv=2.96.0&_x=1
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&ai=575154&pp=9502&si=8062019&sr=5&pc=75167&di=dicio.com.br&dm=300x250&md=1&gt=6251999&c1=4945&c2=84215&ti=37000276533921298888890&cb=1686929730&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:31 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.3lift.com/2/2.96.0/ Frame EEF5 		176 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/main.js
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&ai=575154&pp=9502&si=8062019&sr=5&pc=75167&di=dicio.com.br&dm=300x250&md=1&gt=6251999&c1=4945&c2=84215&ti=37000276533921298888890&cb=1686929730&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54224
Expires
Mon, 22 Feb 2055 09:00:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 862C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6314093163481&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 862C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6314093163481&version=m202301230201&ct=76&x=8&cor=8690343587064380000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 862C 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CepKZ-tkg-vFcO_M92i1i3Wa1eYOsFaa5ONWBC-okOYvhJCnS3g4_-bBTaFpkUyLtPjNMD9OEaO9juK1EbKhn-fCjUJeURpnWazhl3WjFuI2rHEO4aYi0u5J79156pCFH_PEz5FftX9OSlfa4oyy_dTxJn8QvTIt_szaiHEAo7H0Nrjik&dbm_d=AKAmf-BhtFs5HlH1TrqOAeoh0AnV3PayE-2gw6Dt3C3MpI2Cm7qCtSSrf6MFTAe9OZA_8uHImDDri2TlFblX9GxENvNSf7PwegdM6ZXz1YcoOxlyt4ReP6QbFxbA4gWt3nkIe-Fr64DmHtNfOUeopY66KNJkHHjP_L_oKbNOL1oRTmIT6JXOhu66YrE_hB8KmAcgWcbOU7ggOYPe9sMQjgagHLTtu8C8JfsNv-JpISYd_z2e2NbHRUjAcIYr-GOLNy2n0wTBwG072Eio5OxI14U7HnscwBDQPjTb7dl_-2iOjRTx09YN5cfVYQ5CTMxOXhIb5623dL6U_N02qbFYkzkDp9MqbVLHjBUpk9r9HoNZHU9VEdEY7UDiMG1W_jbgYRSUdqS9G9N9W1ALgTloim9dphshoRlLPDkME83IunfBG5lz0_og-6ZowIUCtYWUS9j0uMhoKKh2d_rEDW_ZTDGLOHMMyG_lm5Rg23-FkNxscDyJ1fMiRHQVhsizXMxgbVsGmCeaKamGksiioRWo7JmbWhgtFAI-RQZnfy3ymFjEnWc6lJLox12VE3-KOQ9j_DbnTCmEA6CwG-jikHJ72uC9hC9vUVxTer5DBxq7EyIeg04_ycY-Ms2CYOZIuiTw49kOxS-ndDeJHQgktJETnVc2J4zjTRJOrK9XzopGhiZ001cr906qZhz9_zjrRBgnReCdW-6Ok-2z3gTN2uxnE9fqsJpv1cvqVhkBRw_fwuDnLkgASOKpZBVDsXSXIpnwqUNhWYUqQT76ThUjIg7jvb9oaSDy22Lb4Db4PWHoEKugEZT4sO7Z3yoPnPQijrPeyc27u9Sr1Zoqhor4L4v7mDBseD8ZIOR-aey9zpCCvIBQqVd4EIHnTSxnRtXqmzHIIbboxo5gh6FyLCcNa3ikCr3b0TtHSmbing-gwaVvTao39sySeLgeBaHSA6V32vkB4VKeD2yiiWSa0KA3JRps_DyeQuqyXGupEvO-Sc4VzkJbwmNs5dqjC3N3NjgCxaWNBK8RbxLbQ7bcaeicfFoX2gYurssRaF6vnc2xtFT0cUDOSNxMe88ENMNp6v2_q7ZhsMZgik5Yszo7bc16Iqq6TWGhrPNd0PES81tp6ygukY6y6zJnMclsIwHZqVE74d52kAMnA3tavjdY-JPjqhw2Cq19VTUkIwt3K2On0J-t6kDFrHzB9ZIlTSJ3E-EIUM-QjexN07jmVK-aVzAhMMViDXAgq_lpmtnLiLqLqwhCTb4w8zN2WpcQuujd8rDbeY1qmE4T9SbPfizNRbqiVXU0o89Ji2AifSRW2KFvxRNWtHcYBfHHUz3IHGfpthhHtPXsWXx5aOmJ8JrATo6zku8NrheYM8g5w7eIUK01WbvSZT12yIELHAsKvrCZjxzOzQMs7YNu_fRxgWpJGBgOuCHcRxUDuBl1W-J0dw3l8WbDk_psaEa7LmnccRkk1tPAec-RAFQPK6o5huKH2WFmKwO8IjqwE2-Swc_nyBX51wiz2xylrxLyS4cLMqW8-T5CkVn_52tQR1NDEjMWk88SEqbgl81bR48XitW2wzOTitQHc3wpC3pQLFlSWZ-l_Am8Rcrw1nXggVg2jkAO4UzGALiOg1l3TxoEz4pcnCZ46Y8cXt8oPy5TpCED88iOIHWQmkLmk657jYqOkVqSyWikz8M1mq2EoicP4rtbYg6zoWlvLAmLELaGku388DKdI7nTe5ektftiGmk8STV9esWA2xOhyawJMq9LqHoKmT-5ugXuBYF5nNLZCKKrLjW5ax-BLydxg0JXlIIsedM0AYcmkWdqOyLuD_0s7qnmESlALX147KxlGlaRnYzVyqN7dV0LE0pT8r7vawvScBdXHNF_O_KVReVNJw86W6t_87p3epxLw3Jpy3p40CqExbxZM6ivbOjMNdJ2C5vpcwUD4mDD7LeouFbZHGKY9XEOSKdPH-ruvhVUPldk4aRl-8qZEB8Rq4_HQE5aT6RNKP-usC2rSf-JfyhaSHXLLrcMQ6GD66w5O7eMAwfT9qtFIplLUjnsbjha6fNocQ23xUb6vb2hrCPcz2SPWNEgElYnDJhjTe_nlYht7lwQQyPyHQQKOoqw7mZRocz9QuORbktL5rLBkfHpP9YimP8_pBqVy7RIIXFZapY0n4wDMJd2trb304WNuLA2uQoKYmFnnMP_W8-wbzC7VMKJsvfiP1LasCToKhkMVAjj2q8NQyyaA7PpwXrOVoCs2TYRlT0zpwyhxO7Sl4ywywkx6qQ6FgH2Kts_QuMZliq7J7vKanknI_U2XMP12zZOCoTPAsj2vRCPW8MTOaX4HdcrAvYIEDyi23llr90xOdFlkpVxUeEKmU2cbRnfH9oZxaLF2FlRoRtBBLzDgjaTtgXE7lbEttq7VHWXtvV-wODyQsCZQyHTOb6wUcYiCKILOeWPhSVXITgMJhXCGqn5UjyIM4VR0Cw2i3RI6jrFpMhVMpcaTOY0k8cHADzH7kGr1VJBpOtnNnO9Tw90LmBVTmDyUJ000fTBcr-IhN1-CS1btR0jL2tQ-ZJ9vONSilhZYos_O-uAsmR1jel0gM_T8vqx086YDnLWDHQQz3r0XpzhJw1W3ziT-D6Ruoe62inEx7Uu1At5I09EzAsCbP5xpxj5tIKyyGXCWjUKe6ieV5oDLldEwJfmUaKTh-UlLwvuuwcLD0aerC5lfHxa4ARIVBYE_RNfuQ2SXKs9Iv2t-4gEdvZUdQq-3Zv_dDrYgGupWJYwGxForbOTW3wTus2mcbRpRO61g-NXbNvCwZsoxUfnEIA9EeqsKs1zilGbFPOBTNINn9MN5iN7mETNBPnuuHiAGbf82vd3i3q5beJ8K4_2cI_HMYNZRbqMSQYh8AlIUuZxx47jeILNh0UpSmGYylqxBb8khXM60c2UtFIVmIt7edIbvItE4RQJtV4ZPm89ufCPzDBAdLsCYTm3GGVmGNJCif346-3Sxw_7QAxAC_Jo3l73IErmbCaRHnA4zUzN-B6gzyh0AnC5u6ZPbI5k3H9U4LaQC-nuggI8vw8yN0GYXzisERpG9iU_zhMIICeLg9POHWg5Ek_W3aKYon8Z2LXW1SMiuocSaorm2AILOfZiZuCwX8ugAQhedXYOSbQvHmLUF7kzkJmZPLuSnagj4LL07HX0z2br9Jtioklz9YlJFx8fCq9rLc1GzD8nwe3KPVNKGKKRX2nMgUQIyU0RBUPB_7X3_akFI7Jv9QzkMQ3ye9yq4NReZ_8jlWAqji1FyGZTFKOlOLjAUY2Akn6HRkEnuL-SEfKSyK3d68NwKXwU1QkIoIQwumBXiTU0iIyOfEJx3WBTon8pgT8Mwt-qQNGjg7_FhQLJF2AABV8qyofd3udOFbmfHiOeqW709C9xRbB6Ibj56i3xqOZdzygKC73V8zbh-MNq3c2XXrzKjmqsk9SXEZ2mMjA&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiDfXKkqcWlIBl22BdEtAEqOd7DiYvU5OYJ158p53XJVEneyOBAGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=8690343587064380000&adk=3703234670&idt=105&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36500a476171827f34e6ba6e60842fed9619aa2e7e0d644c6ba6f91145170fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37791
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6FD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:32 GMT
expires
Sat, 15 Jun 2024 15:35:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7458106960889&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7458106960889&version=m202301230201&ct=76&x=8&cor=4054183949209867000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 90B6 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqfyotswzgOkahBpjV8eQ-Wfj9b7PJC6Ml9ab7PqgUxFzOzaIHUrFXKVffvlWulzG-nuW1oblbkN8me1nhrhPEowpsjLalwA59EQz_lfA6wk6LwB6wBbqaFmV8iFNl38_6Fw34YmQPhJF5zagSSx2iMkeTXNobN59DzswgAuBBj74_Qkg&dbm_d=AKAmf-CjsrAI4JAESQExgCegwsEba2DcqBA5U6NAHTfubjXDU1lDBnd58nctw-MDNyWwn2wHhznkpDwKCGHuLfApEABv8QQMtMWM8sMfPEgSBKd1r0XuQrfcMfmrgs4bK8BB48HfZkMrW-eDNb4SzacS4sN9i8CSD8pGSjOE3SKHlyruSniGdDcgcrsyHk_49mlQZWly6-w4eIy00eRwgL70EAslkpyxSw4Otqjid6ezJ1si93jeolgmnEOO2md45DiXlrF9ACDpxB-BSd3VVhhbgBXmZUfyA52vncerk7_NPp7dNM2Ts2-lC391TKkWweS1kKOhDnIPGo_O1dzVXxXOh9pg0tQ7-Jb-TuwydR0mjWsYVkC51X7eol3fXez_FeNvDJlAPGhM534nUKU3zVd_G9B8N5L2t5V_7BKqZzKO5A0NApwao4OUtjN5aSQrv5lqrEWAblYV4pA9awzQ7HEHgm5bA6I8UQl3JT9iOS-cITZb2d8AV1J_i2dLY1SedVuWdz7O3JSawjaqKGlRCzKab3f7Uayasn8fJiiCJDxXem4xcAt17uJ7khSA9f1eb1Fb2_62FvoH3qlhkToj8ckeim5fxqWJ6ymHEAVMUD2i0TJIcFjEiMBkZou8t5Do3POWtH9M2pGo2cvM41EzWMW_23Kll7L-gDRXJgZO6lco8ej4sKsRlNP9MX79XoVyvQ8paeuEmHpku_yXjyEdGKXLseWEsWtKgZotm9kmPwdsfpyiKhlrA1J4m2BiUARd85Xn0tlFXlacYR8dmG7nrqr0FpdzN7OBDdF-U6GugxmyoSoSEw6-rnnq4jaWSKOPmeWq7EGe7Om4v9jSrcJQxI1ttfmbWK3sNBoRRGuhOns69vVqEk68vbQD6goxurPx48lVqCnnj2qfTDr84D15yMqDvJa9MWaEEOxCh7M3_VIgPECMNY7CK9IVljrwmjEUglw6gd3Gb_QlyXPYFJq93VCedQkjhxUheiiwI1DEDYW5nneKqs9Yc1UGXof0G2R4FLKgV15CoIaY_rToYUQl4aku5oj9J1BTFMtTN5vj8e7FkQc9rjrIlIhdbiT6QdqnKIWxVXFaFNeLZDgu4E5ZcPxcozgz7HXMVyZHly-IqyLi8RBk7H2-5moMoidfVwfIhKIR3ooURQdN3fYSwqZcbk7t-rXt3Ztp_8OiGu7PDqXSNoDfT2wvRUooY8yy-IJWNq9dEL1fhdizIvAzmHf5iltq5rouSdq4tpY_uof3MtgwEplh6LvGlYrnBXfwkI213v6y7rPI7Kn-79-BTO6c266X2MHQawifbZ1JRvKGvquMW3-WigV2rO5PIf5LPDQ-0kTe-_wvZ6S8nmzParAUGoGmigKpogvuKCZ5u2kUzVorPYxJ8ZwYBYCfL2rJPnQ29Spk64zH63YinbKGPAVXOsIASbKjUcJoS0Iqn3IojMivUg5k0DhJlmUCeuPgno2w397qJVGDnWP_lmkcASfEzTaMM0bKv2PlgzDqsvBzMsMbgj8pgE5geTbm321SV2m4lW5axtNGG1DDnMPP1ZP1Wt0ZXpkPxz6dTbakO9w8QY32OuwA7SQWbE_cW7EqbU1hLrrtYtTnYk5FgGeJzaY8Pj1NmNfLsZFFaXEVgT5JxMts6YyaJ93DaHDX94rAi9d-IKI5Ju5coTqNsmdDafdSyNZ4muz-dx3xt5Xmjf-3R3XLnN91Klcp-pB5pCh57yFPPOImo5zh-v6WsBkp_9U18ULMfBNcQvJDe4SvRES3pQwPKHPxN-0ss0wQC4ka5so-jQpY-QjtLBUwhClnwTt8r881_rPUWUhhacQ_bgimNLjQn33B_HgQLLw-bQMq0Q7UmLdWS5guGhZF_ernu2MW583XX43UYAZIytW2W7F7v_645qFovUgpQx_1ZndcfrZ_qatM8frXE5DOwQvAALtOnGjXbhYUIk1NIvtxiqOMr_061lR3cUotvDOr2AvXIjSw29gfNCd7bocTKObyNu0BHfwE3jl9u8tSqqti7h255DEifdJy3oYTdiCr6zfL2wiVWEEfRA4nsvjQSJpthRCNzCHbDpxbIx_WqlRevjHv86CEYXbVo1LAFbrjDotpRlVC8ErR9YxSLFwszenlna3mW-qWzJJxStC4IIHk_ZpFq9CQ4eF01BSpnN0eITF5PBIKZ7yO6qZJySQ8_JO0w7Ob-q5HE3LQ3FXgh9wzBmMeINVdh1S6cKVZHspllVlk0VWIMZ0LWPKfTzhlnSSiSONpAp2lc3ZXLDvVY4eovRJ6uzemqkMW6ClSkOPdHpzTzOmJkDxifj7WrR6xD8Aq9SmBybO3lYnksMSwaWA4cq8e4TTAOSVu5PjciOA--zpKgaMElPs-ISVGFBxe1YlllKH9cJ3nk4kXe_sAjf_GUE5VoaxNL9QUpNOS3l2sesa8zehbi27l4rK6OM53ijZbzG94Yw_geaJ76lAoPzGPsKz_QOKQbdY51tSNLMkS5RAF69TYjAzckkmYRHHwIL9OyJF60JF-1rocZPUrpJKwZ4FguVL99ochL1DiHVkvQAn2v3YieDpuiMNdAe5llS3JrjNiflLq7zY2lTdCPSG7ZtFRcqkaMO3Qqvr8CUKn0VqQeoeFrDAs8PQWaj9QGpj2mzmOnZcoiXII_q5uX6bf9GPJFvUxnYu0jhhp0xHcSxdq2TQF001OHAB55qKkQ2c6S6qqpXeYltUPtMGyuvJf8XqnLbe6h9EGAFlBFBJ8ms4ERAwAvZ8iW1UFm1YtZmTSHoHAtXTuUMWAtI4H7sYaDf4Kza0BONtYi2MZO-8iWGhlFuVUDPqRuKKxQWWUXGnGGjgjosjKZhpFLoq5j_NN-x8QisBSN4TwSXIkcuYtQ1DEr80kTYBff7rcVy-Pnd1nptxd8gkL6GRtHGtdTJRpdYHPBLmJi2R4qVC2M3gFsO5P5_SdgSmx2acS2HP8dHN3ZxoPx2e1gJvxQXXMJ_8yFPNXsvnZvyR2NuGV7_Gn5f0ro9POJutIDepS05NW5MtzhUCfJoZjGnCSfRlavrSMIMjmUXbzZsygwA98qCNNDvGh4j4q4zhLeKvi2VXTMaT2bLf3JGM0Z3H11PciqvuTBTWT097t3Bqynh5A6rMhXemQszuwlLn6O5v93crgKUdSNVquS2uTNQ8IP-zt8zFSpzgMFArY0qjMgLhiwfAQNi9qK7AHrcAAnWrvpuXjTLIhxzjQs_KMW840XH_iIAjHZ2siNlOHRF1rT_q1IM_5Fp9XTA0n6u3KpE1Totp54lgxch0l3UNHdHyjRl0FjcUz65l5XumbpjF6LqRKXIzUik3SEsjCIaqKFF_0SvCu3dsB82mx4m7S6LitRDQqQ1O0vprlttDln0NexCjSWpS0N3wIS7N9yvo1Ex6Dep1KNh-gKFhBoX3DaJsaCbkHy7D5vlR_WCDLWYx3N9c6RDQ&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDb3kML0d5eTMzcs1Rm4nc--zyvbSOWE2HPndikTEv5wAB05GkGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=4054183949209867000&adk=2428773357&idt=75&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f5891d27bb43b55b9f27cfddef2d7f13f0e115a08145ec1ae13a9729766f184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37840
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B329 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
n.js
geo.moatads.com/ Frame EEF5 		84 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&m=0&ar=fde231f50fe-clean&iw=b8ac528&q=2&cb=0&ym=0&cu=1686929732836&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=9502%3A75167%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A616%3A616%3A0%3A673&jm=-1&fs=203695&na=737064184&cs=0&ord=1686929732836&jv=318272593&callback=DOMlessLLDcallback_40699526
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.30.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-30-82.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
b32cb4f2519128fddbd553040ec42a09bcdf89d2898d32e1aeff8b14b8fa4001

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"ccc8cc36894bc9cd04e2a62eccba59814f819730"
content-length
84
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&m=0&ar=fde231f50fe-clean&iw=b8ac528&q=3&cb=0&ym=0&cu=1686929732836&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=9502%3A75167%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A616%3A616%3A0%3A673&jm=-1&fs=203695&na=1345358526&cs=0
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 536B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
172804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 15:35:29 GMT
expires
Thu, 13 Jun 2024 15:35:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 20DA 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24d2e3d3f2d5dac9bbd433305dddd7cb545d0f09366f5f01802ff49ac31663f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZTe_OYy5GdagdiJw5GKObA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ZTe_OYy5GdagdiJw5GKObA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
expires
Fri, 16 Jun 2023 15:35:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1B88 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 1B88 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz70s7EyerXW3sJYXSlmLWj7KLb3KDkh4-eyHjcVo6NPKPqhXbHK7M3NjHJeKV4JKzScGFwI42vN1Cu-llG1Sw87I7DfKxC6nshDjq85kSpe7wuJ0lyAgQJMrx_vkyxxfmM69xp9KuHf9hOvkAb_Nzg1PkTCLJ3EIND8yZn--kbA_sjSM&dbm_d=AKAmf-Agbx8H2lWjwleWl2Dxzddiezwe7CU0oBv3FG3y0oWG2iGFopCz2cpdwfVLoM1aUn0NXTM_1q54bpeFv2NaluGJxw2PgEfqFBGRMZJJloBJkHTEKKSSPyksLcqSViHV43ziHv_3ZTqYKfb8OUk12HtQVQKQ4ezGN9ZLvqhHhz0TNqFzTVImwrvIs0voGz28-Tm6A8gnTqsmc3KUscdG6Wkidx5Zj_40wZgwdNaQeYnGWU2g6vJ1vFf0qVU_86P4DaND5JDq5DnaWFGmsUn2-ShEp2h-Xa4EHfGZrWE8-C4cdqOEZrD7dhJY-DGS9OWfnUpSfg1Lo7LuCCaqiV2oG-PMLFxhgBR8HoJbrSZe1cYhvmHElOTtLds3cnXqVdQAhPX8fn1trEiMmtX-u2sSXREojWk8SXouLUnSUqkzZ4zj7VQyKlUkLtW_E46qoObodPxy3Jjtj6k1iaZAJ2Oism6USCaIc3mcmRogSPVvHa1wVb1755SdIdGAD434M7Qna67YFE7LrVlSW78xSsBo0roN-KQI3gwyp6IX_TvOxUvFVPPZJ-dhcRQHRMi4HxOpDddeByrVlNQkT37GV0lSxj3VuBcTlHEw8aDTjszo8EOBWl54d2_u1h1GWmPn9EDaMva2N4ddLy2dwhvlgdk4jc1UZZKgf1NG9NVmuPSJN654ySEPaP2gH197xJs4yqEpBPZ7ik3bJIgL17tKJwL2u6NfogPKnVD2Gz7Sle3cXvABvz2B1Dof6ODQlQiM2_3HvjWB7Ty4CQeUgAPLG17oByfsz0mLJ2vUyTaQpJozx5DJKmICHDFQ7EZQPWyVXPPvHCELmbOOe2j5ptvMHbitx0vG0fG4-cBVaim9zve8_An-FKVuqS6rsINfftcpCRt8FMWvQmaZkTeFTeSJHHxexoQa4Hi_nrPZF2F3nPo_hUsfPurHBp9X-3pXmuk1BlLWwGJSCaieVTObR-PZYGd08uXAQcap0viBQyZoTa2zPgOvKoU0ofa7sdWuQd2VH5oqdTIYvoSgupJalvg7jhKnzoP_tNsRbi5MPMbZAtlABF_4q3btaXYRoE2tSTcK42gj0XImrpwGFYABpAJoIfkxuNv9emihbtFI4rjQ0GOY5AsjR1CDzoTZGsNx80umsE4J7HBQunYWIeQNYGhclKNNJolJ2IfO-pkfuf8vRjNIoWCSSV-EN1fSLHHiiMFKC10T-92OUdXGiw03aGIztpCz8WJSA6Gqa0JdJpknE79nQcZ-sylIXJUtErpWZnx32C4evDT7jpNaGWuLx0PFLARsEupBPzc_OqBgIcp02E9xnY3-y5EzxPuwNRFnTWuiAYL7djVITjUDbXgOvhwvwv4zGKJ0r6qzvDdC1fWMhiA2A1LNc4ZlQSYVzaI5DYkOW6CpXvYBWjdP0ZM_UP_oSCMTMJep5zg3SC5gi_gyMRgNBOIlinJZ3EUbOetwikXiQWrE-IwRkUBCXAI8KEs6fcLzJPYdq3Eh95qYeHrx-nFeOWIfLKRA35iqjS9bysaXMuDmqzN-zWm2Anq3JuTUnbJrcp673bO7h3tOLSCT0KdHS5ARI9SmluWyLNdYxcZFqmGfeAFBGl7YvLvAQ_ajJ2Xr9FgOtqHBYWWpJA9_rmHtB3Xr76BKmtte1Je5swQ0l825ZiYt7nnyTZUlJyEd-Jd3M7xvRnxv3OUFKSFGmD1zRFgtXJF7TRvOZhJS0yAyQceUn5Qs-wh3_PhKiZXIwF5K7pkA1Pr9OKuqhtwJbvExNd90zprYX5WvUD7uJ1qUOnsAzt6vW5Mai3Rd6NO-V3KlII74l9WPsHFa2GWibzrPYTPcGn15O3vOQBhAdqDoDZE0EJsb8CrZW_p_rJuvC0rrX2G_MHX6CkJR2CI2rXrl2TR7zWL_3t8eFD2I9WNq4SZjvT0O1A8v7julbSaI5jvLapDH6UHMAog6GGxK9t9h69aO5OfTw7w0xpt2N12HTXgHXvCC6i5ciI4nJJOX1v970xQ3qNWGP-pspcD9hjZOOgxBKzBKEkxI4mbLfwQFEIrW0XrhcWPgzdaV2DQWw-6BgpElX0Kev1dJAkkw0Pd6ZBf9cQXEhv4d7c6xbjPLd7IavdzNrx6f-AmEBr_It9ECSH6TqdEtfOg_SJRV0m97-cIdntIUYTC6Vk3yRXOphf2I-MtbQdC9LeTp6DhHKk_rBxQU6HwAXRNLCWdXvlwWgvpCXej6xkoImA2hFr6uIGOEqXcLovRyQq0maqpAvcQeiKcPn_l5CTChI_Zqd0X7_MlWmATaOpO5_jiW-dNWlTMImd5U35jEGWgJanZkfKtzWfLZhsja6sEYSATM5gYxXNOQRGTUoxz2d6fqlA9kmbWXy0b2U8G3k1WW-oA_44A-V46tJsU-NqghMlQ5ktI1Q_YP59nhn4yDzuwlNLQcocnx11PkZuK0dxCk2l0WjZtcuXU0KAIslIDmbWbIHfvhkfHkR4sQ7KpqsISfSV6tgp1vU1_7Lmaj-Yja3FtENCSmRuwkmBDSsUks059ze-fZOpxYp0pp36IN1vIAKhiBLV57mzV4IBIBMIoWzzvfqx92UD9T9WbZGlagLSjU9bE-qHqlHY-k174aSY59zIpvQOMDrx1swRkRwTwZsKh-CUra0a33XGZSs8npCC7gtXXO0ZJB0plRZSVkRSoXZFw3q3ArHW54Q-gLKfP6Lx7ilgNL316kBDG18n0VUZmB4dtTY41j0Td-MvlNqy2h6IjQe304pzV4RTb36vZKkV4BFUrPWi-pmACD8UkDjWRcyGysG3c1_b9tOdcdtwxk-lSUAgPe5dhSwyOa_OkSSSaMGn38jh5_fisFlXt7YQ7nwuakU7w-LqBmUxVK0BUfF-GmVa8gH4106HCWpzgC-1nnZco8OtwLFp74gCHlkNKtiXPE83TjyxO12nFTPVQCT_AEwxiqSm8n0miPHO-OxDt9oA9U9UUWJyh-ciFdbRkRz11X2ujlDyBE1GkEBaaZY9hkmdxnoYjHLsBORsEa8_AtM7eRym-Cy8jRR-Nb4oCsR8_8__Yyz2Y9mQhtTWDkX_tCwfIlsuyLSPRV-c5AV-D-BmLhWzLvcJHUpmtrGG-SWTmcIRPXpQOGyU18S6xkNEU-YvR4YyiViu9op_MWZKlgM2mQ4g3WHaROnGq2ZfAv0FE-75hejQViOFHfeId0yLjw1D56qpX73KPFKTvH87y2tKfx-ufB1AYA1q2uFA2NzOoSsoKchP_S34Zh8Adkz1vhT8EgqLqRhUPkyblYn-zyCZJVrxym4AOBDEOblNLw5u9C1fzPRzFYLPjcjE6QPFE80s0pKAPOs7CM4QcQGy_f1DIWs-sheBdz1hlMXQOasw6VnLa_JvonAeB729PlynvzZCVFd7c8PGo7fDWdFZ1FoSfZEbtgj8yVwf-adl3q-KHDDNeqmxt0mO4&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDlbPR9-VaOHc0U0Kd5Kzg6_hMrrzfGFF5J3Dt68aIQb8oPnG2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=2944646475514724000&adk=3030632&idt=154&cac=0&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 1B88 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz70s7EyerXW3sJYXSlmLWj7KLb3KDkh4-eyHjcVo6NPKPqhXbHK7M3NjHJeKV4JKzScGFwI42vN1Cu-llG1Sw87I7DfKxC6nshDjq85kSpe7wuJ0lyAgQJMrx_vkyxxfmM69xp9KuHf9hOvkAb_Nzg1PkTCLJ3EIND8yZn--kbA_sjSM&dbm_d=AKAmf-Agbx8H2lWjwleWl2Dxzddiezwe7CU0oBv3FG3y0oWG2iGFopCz2cpdwfVLoM1aUn0NXTM_1q54bpeFv2NaluGJxw2PgEfqFBGRMZJJloBJkHTEKKSSPyksLcqSViHV43ziHv_3ZTqYKfb8OUk12HtQVQKQ4ezGN9ZLvqhHhz0TNqFzTVImwrvIs0voGz28-Tm6A8gnTqsmc3KUscdG6Wkidx5Zj_40wZgwdNaQeYnGWU2g6vJ1vFf0qVU_86P4DaND5JDq5DnaWFGmsUn2-ShEp2h-Xa4EHfGZrWE8-C4cdqOEZrD7dhJY-DGS9OWfnUpSfg1Lo7LuCCaqiV2oG-PMLFxhgBR8HoJbrSZe1cYhvmHElOTtLds3cnXqVdQAhPX8fn1trEiMmtX-u2sSXREojWk8SXouLUnSUqkzZ4zj7VQyKlUkLtW_E46qoObodPxy3Jjtj6k1iaZAJ2Oism6USCaIc3mcmRogSPVvHa1wVb1755SdIdGAD434M7Qna67YFE7LrVlSW78xSsBo0roN-KQI3gwyp6IX_TvOxUvFVPPZJ-dhcRQHRMi4HxOpDddeByrVlNQkT37GV0lSxj3VuBcTlHEw8aDTjszo8EOBWl54d2_u1h1GWmPn9EDaMva2N4ddLy2dwhvlgdk4jc1UZZKgf1NG9NVmuPSJN654ySEPaP2gH197xJs4yqEpBPZ7ik3bJIgL17tKJwL2u6NfogPKnVD2Gz7Sle3cXvABvz2B1Dof6ODQlQiM2_3HvjWB7Ty4CQeUgAPLG17oByfsz0mLJ2vUyTaQpJozx5DJKmICHDFQ7EZQPWyVXPPvHCELmbOOe2j5ptvMHbitx0vG0fG4-cBVaim9zve8_An-FKVuqS6rsINfftcpCRt8FMWvQmaZkTeFTeSJHHxexoQa4Hi_nrPZF2F3nPo_hUsfPurHBp9X-3pXmuk1BlLWwGJSCaieVTObR-PZYGd08uXAQcap0viBQyZoTa2zPgOvKoU0ofa7sdWuQd2VH5oqdTIYvoSgupJalvg7jhKnzoP_tNsRbi5MPMbZAtlABF_4q3btaXYRoE2tSTcK42gj0XImrpwGFYABpAJoIfkxuNv9emihbtFI4rjQ0GOY5AsjR1CDzoTZGsNx80umsE4J7HBQunYWIeQNYGhclKNNJolJ2IfO-pkfuf8vRjNIoWCSSV-EN1fSLHHiiMFKC10T-92OUdXGiw03aGIztpCz8WJSA6Gqa0JdJpknE79nQcZ-sylIXJUtErpWZnx32C4evDT7jpNaGWuLx0PFLARsEupBPzc_OqBgIcp02E9xnY3-y5EzxPuwNRFnTWuiAYL7djVITjUDbXgOvhwvwv4zGKJ0r6qzvDdC1fWMhiA2A1LNc4ZlQSYVzaI5DYkOW6CpXvYBWjdP0ZM_UP_oSCMTMJep5zg3SC5gi_gyMRgNBOIlinJZ3EUbOetwikXiQWrE-IwRkUBCXAI8KEs6fcLzJPYdq3Eh95qYeHrx-nFeOWIfLKRA35iqjS9bysaXMuDmqzN-zWm2Anq3JuTUnbJrcp673bO7h3tOLSCT0KdHS5ARI9SmluWyLNdYxcZFqmGfeAFBGl7YvLvAQ_ajJ2Xr9FgOtqHBYWWpJA9_rmHtB3Xr76BKmtte1Je5swQ0l825ZiYt7nnyTZUlJyEd-Jd3M7xvRnxv3OUFKSFGmD1zRFgtXJF7TRvOZhJS0yAyQceUn5Qs-wh3_PhKiZXIwF5K7pkA1Pr9OKuqhtwJbvExNd90zprYX5WvUD7uJ1qUOnsAzt6vW5Mai3Rd6NO-V3KlII74l9WPsHFa2GWibzrPYTPcGn15O3vOQBhAdqDoDZE0EJsb8CrZW_p_rJuvC0rrX2G_MHX6CkJR2CI2rXrl2TR7zWL_3t8eFD2I9WNq4SZjvT0O1A8v7julbSaI5jvLapDH6UHMAog6GGxK9t9h69aO5OfTw7w0xpt2N12HTXgHXvCC6i5ciI4nJJOX1v970xQ3qNWGP-pspcD9hjZOOgxBKzBKEkxI4mbLfwQFEIrW0XrhcWPgzdaV2DQWw-6BgpElX0Kev1dJAkkw0Pd6ZBf9cQXEhv4d7c6xbjPLd7IavdzNrx6f-AmEBr_It9ECSH6TqdEtfOg_SJRV0m97-cIdntIUYTC6Vk3yRXOphf2I-MtbQdC9LeTp6DhHKk_rBxQU6HwAXRNLCWdXvlwWgvpCXej6xkoImA2hFr6uIGOEqXcLovRyQq0maqpAvcQeiKcPn_l5CTChI_Zqd0X7_MlWmATaOpO5_jiW-dNWlTMImd5U35jEGWgJanZkfKtzWfLZhsja6sEYSATM5gYxXNOQRGTUoxz2d6fqlA9kmbWXy0b2U8G3k1WW-oA_44A-V46tJsU-NqghMlQ5ktI1Q_YP59nhn4yDzuwlNLQcocnx11PkZuK0dxCk2l0WjZtcuXU0KAIslIDmbWbIHfvhkfHkR4sQ7KpqsISfSV6tgp1vU1_7Lmaj-Yja3FtENCSmRuwkmBDSsUks059ze-fZOpxYp0pp36IN1vIAKhiBLV57mzV4IBIBMIoWzzvfqx92UD9T9WbZGlagLSjU9bE-qHqlHY-k174aSY59zIpvQOMDrx1swRkRwTwZsKh-CUra0a33XGZSs8npCC7gtXXO0ZJB0plRZSVkRSoXZFw3q3ArHW54Q-gLKfP6Lx7ilgNL316kBDG18n0VUZmB4dtTY41j0Td-MvlNqy2h6IjQe304pzV4RTb36vZKkV4BFUrPWi-pmACD8UkDjWRcyGysG3c1_b9tOdcdtwxk-lSUAgPe5dhSwyOa_OkSSSaMGn38jh5_fisFlXt7YQ7nwuakU7w-LqBmUxVK0BUfF-GmVa8gH4106HCWpzgC-1nnZco8OtwLFp74gCHlkNKtiXPE83TjyxO12nFTPVQCT_AEwxiqSm8n0miPHO-OxDt9oA9U9UUWJyh-ciFdbRkRz11X2ujlDyBE1GkEBaaZY9hkmdxnoYjHLsBORsEa8_AtM7eRym-Cy8jRR-Nb4oCsR8_8__Yyz2Y9mQhtTWDkX_tCwfIlsuyLSPRV-c5AV-D-BmLhWzLvcJHUpmtrGG-SWTmcIRPXpQOGyU18S6xkNEU-YvR4YyiViu9op_MWZKlgM2mQ4g3WHaROnGq2ZfAv0FE-75hejQViOFHfeId0yLjw1D56qpX73KPFKTvH87y2tKfx-ufB1AYA1q2uFA2NzOoSsoKchP_S34Zh8Adkz1vhT8EgqLqRhUPkyblYn-zyCZJVrxym4AOBDEOblNLw5u9C1fzPRzFYLPjcjE6QPFE80s0pKAPOs7CM4QcQGy_f1DIWs-sheBdz1hlMXQOasw6VnLa_JvonAeB729PlynvzZCVFd7c8PGo7fDWdFZ1FoSfZEbtgj8yVwf-adl3q-KHDDNeqmxt0mO4&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDlbPR9-VaOHc0U0Kd5Kzg6_hMrrzfGFF5J3Dt68aIQb8oPnG2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=2944646475514724000&adk=3030632&idt=154&cac=0&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1B88 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame 34CE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=fefxqlcl&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame CF11 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame CF11 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsKNn9H0TNtz4owDL5wyKtgdNVlUH1XCTIet2Mnd6fLHLQq6qe049dTisQP58OowI82YO2EV4VDhsRr2yG8OgV12btv_lZXlDXFbpZKXKSJa5ZEApwTR6dD7nOpX_KqtuqUUluOct_BNK4cKatfRy6ESMhDSMutbG2z7r0wsdR-aM36So&dbm_d=AKAmf-CRwB7GDsCbhjtNmFEd-TF4nYfMemhS6hNUGO52IuFAY3zOuid6cAPHUkc59qGs4tesvlBaXmzy9uG-xBKX1rq5_sBegLOO2HGtwbzW3tJiUCXlYyXs9AqsXztPb1b7nStHykQPICXoDZu8GMQHMgZHf1peEGlrl_zFmqoBUWTCbISVfEzT2vPhqe_qkKb4Op18TzyMt1qXYiUpr_GDdU3dCj0NO3qY-OfrYun79EDB1MYS8wYuLFSWuggNi1N5PXvm4cGPdCHABLg3sKcn-2Ii7i210c39EWSh8F8o_M8QyyEe6AqU3wGu7mQOCKcyrAtZuyS1WVmcBe7De0NOkIF9zsXOfdhKbWCTr6m5h3HbKIzi3krTD6Dt8BsNvLiv530njhS2YgZQhfSQn4DCnJ78vI28O49J90E4Det43AIlB7MhBpOnvl3II69HMXZhwEwTupI2aVhDT0emc8CEe3Os-dPT8ZE63jWjLJSyDbmW2qrk1UoAQjGqHwd4bHS-FY3eanteiX9MUuzuKYXCHvQZz_M4OX2x7eEL5F4SKWrG2tszp-7jJjmS_g2BusXtOKjIYi4sjoYrVe7XL0-zj0WS3cvZyWbNvV5m-Vqgs6ZPAhh0zye9t6fP2vL-MLZ0XfZi8n97W3z7wXCAJqYF6pjejcCcKf-JyLIQYj0dFsiux_Qxk_7EzAo3RsglkI7GueSDJ75Wjhf5_wjK7sXq-oy-ritR-EvKNrsOKvTvKGE8ghH0Bll6x-YSmyRxO33pj5IM7pM3Ta7QZE_1mHMg3_bmNE6IJWBMCaUDDzi8ZJG99i0EEAz15q0gYyNgoUNDvJBY4MTKK47ehLgPFQ19UAapZ4CxAnPEx4BstnOwHia7PG6FzCRg0KJg9wAQF1H2YYwW0Gmw6Jd4dtfZPUDTftqUIFPvKdCMxuH59Cgm3rOhv6rt0uR7KXNxD77YeCKyXK63byF32ZqeLpdAKe1IcZPGTLZh_kTxUollqXU2zqPRCyddqJ9aNs-NHdfWP4cp4kJSHQWf53cjzJIEqiWfye5MY6SwBJTU-_fn42rcgfIyNNOsDa8d_TfnXrtZD5OQ-tb0OMCcUyFaGhvSzWYFMq9BUzKjtrvKz3YyFFDmKpF0-9JErwIpR7W2FBcLnhaqFvqxLRJph8kzvPmanWzeyIlwsh0mTdz39nWEGWdSiVBwoz5-AWc0UheYJWAn7MHp5KoqWIQrNgWyXlPFTGSGI77ul5q4jIhBNnZBAxiqbOvl9je6hp-3AufQkqlVJa8nUJaTRf0HhKkDp41VSy7ldX45mYx5mfKSjBOGKngBg1qQiN9ay7VDyCOYHsdimupzqdosTkWf6ZYqpSpjOIywb5WlDnzySD7LQ6gXdPMsVdd6eWF5fPk-GRwgPW90QQ7SFsKXLWkuRfS1blyWIjB97ifcGn6wsNpxroyqiw5AbRaR6DFFcEYBN9FG-34xEWLvPMhUj1mi3lTjj5PQ-YbM8C2W0dglG4mVIvQ8P9GK1p5o4mkJNdOyj6iPv3u3IFxk943F3S1r4rRnbUMM8-_D_o67YG5dVYMgwhBzdNVAcOnKfF0sOFPIQoABdK91v6zngRFbwVkvT3D56PhnbQe-y8GCTyorhNeKzY7iAd0jmaGUsQVjYJc6ZDkCbBkRBf6OhjICGvXNLjTO3vsTv1ZXulgIhRFnRra9FWtSNUCcm4Rt9jV1tZUcKz6yfuwMs1fwWmtBZ5HtLHh5XUvdYTC9fB83O0YiL1SzqCXwU93w0ysHtBTVVSiuHsi_GYWYb7H65lExkJ99EW9emDa-7P_jCpLV5G9g_bnWFjfyKcdVeKSCJ3aLeNWcyy8beV69wX0Dc0wSECXDyvlXnMXticN9NUGZSABrg-OICgc6P6kZgpPM9ywFDlLgIm8MO9PmbwoNow2rBC4ZYivqOoZ_bYiIGKyoBptiOEaUWavUg8_p2r8Fdik4VOFKvvH1M-IvpLzNwkg-4ZXdkvKcPM5Tv1swvvYPd6eqtoA6hjYx82ucE246ua7_Vrns8nTayeJpPSlvj5fv0UxllIyZbhGrSyNmGsMJBGBaRArrb7FvJzex5lQxuDBWpN1x4Zci6MzuedCRZi4dRrWgdQ2UF4PXFTq38giPhaZqESsmbEXKW14Ek5NggPfo4gp3e2J-E3IjlLJh1DbWcSX3TczVas3EdVbvsepG0p6D0mYL9pmgbhvzwn233woSPRDakdi5UCtFFYpWGNPT3mazuOr03jHWJq3f2SjteVm6_hjUSf3aJRdFq4G4x8rSSfzx5dhZR22QJ1U25URRn4V0TCpHFCBgrgF8ZmIULai8jd5tmVUNyap58jIq3AsKDhh144VNAdsJ8wwdldHIBdjD3KhvzDHHPiTIMFfuPZ3OufqDEB0BT4dn7IXVGsVxvNhXTAdr4L4LpP06NSG1wnauuOFkp_Kdfihn0ltj4Axf3bBG077bUFcT8QxW8KSoclili7TJJnAwq-5c2h0IPTKXt_Fyju1RFMNdenLTKPp0OUK3WHS_jzJjDO_htYUqsuf-0yMUwf0VnxrxeZbzAX0Cy3xvnpHTKQK5pifC8v6voT42gaHfnuGak1Retiwn_U-v0sznRTjzpU1KYd7b86IpIek079-FrmqxjqdZRztC0nLsdxhLnz0-DKOpcHo3eKq6WtbnqL9xZGVehs9jQwKFOwMAe-HrwhSd_LHt3IT3aetygcBuIrHnBVn52KMnxCeIm3C_xJPtTXQ3bqP2HzqSHJDGkQ8JO3oH-YjQa-dnryvYQzZ4I2R3bO8A1hgiwZULvcWgLN_sViUUDwXNMzJlrijlxjlsoV_8dBx7QmeMJ5EgdvL2-UnR9q_DnfB2-Z2yRNTYxKE2oqMhTNoGjbVjIDbieiXVA9aEKMh1YBXbxeDpk3frMu1kPR2kQoqWWTES2l7v_M3VLMT-s6mqjinevHxxycnsgOvnT5XeZLS_uFTkKwmY5sOdrhMr2YrdgbqcgUI4ppv38kELFIV8Tidigmo5E9D1lXiFtWndveBR6d6j1DwCY7SiRduZ-r1upK18V-7wErU0tzCzB9S64E01WmkRvibBWZuXpIsW8BiRSDD9WDhqHvd9AvFDKuyS1cMYnOW3IWPorid5qCr8WtReQCvhLMwceOwdTlie6kj5bXl3YGCs64vwTKMs1Tf1rYuxuxOAEobKVge8PJk2vU3Aos6HVsdwaYqIaQEEGnjPvArPXvN3suuioNV-EIp5hF9z5h6IfUX8laaQoJ9b5PMH6bIOQAwvAJyW_S34XmR4sAYivhokoFqpYuEcwI-4jIWjfnMwr9Y4F1Alb9M6SN8l_73w9277N6pzIaQ02yZEhgyb_2cP-EUNaqsi1f7fO6NLPxO0XZcvPPVpkKP7oUXLAyz1JVLGsGGMI8FN3SW_QU1njX_PJLZoW-US3b-RZ2c&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiD7N8ZYmUNXt4UzvhGreLXhRlUt-IBgjRkKiesRjikTlVmZdtGGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=11643965540367774000&adk=250276038&idt=80&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame CF11 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsKNn9H0TNtz4owDL5wyKtgdNVlUH1XCTIet2Mnd6fLHLQq6qe049dTisQP58OowI82YO2EV4VDhsRr2yG8OgV12btv_lZXlDXFbpZKXKSJa5ZEApwTR6dD7nOpX_KqtuqUUluOct_BNK4cKatfRy6ESMhDSMutbG2z7r0wsdR-aM36So&dbm_d=AKAmf-CRwB7GDsCbhjtNmFEd-TF4nYfMemhS6hNUGO52IuFAY3zOuid6cAPHUkc59qGs4tesvlBaXmzy9uG-xBKX1rq5_sBegLOO2HGtwbzW3tJiUCXlYyXs9AqsXztPb1b7nStHykQPICXoDZu8GMQHMgZHf1peEGlrl_zFmqoBUWTCbISVfEzT2vPhqe_qkKb4Op18TzyMt1qXYiUpr_GDdU3dCj0NO3qY-OfrYun79EDB1MYS8wYuLFSWuggNi1N5PXvm4cGPdCHABLg3sKcn-2Ii7i210c39EWSh8F8o_M8QyyEe6AqU3wGu7mQOCKcyrAtZuyS1WVmcBe7De0NOkIF9zsXOfdhKbWCTr6m5h3HbKIzi3krTD6Dt8BsNvLiv530njhS2YgZQhfSQn4DCnJ78vI28O49J90E4Det43AIlB7MhBpOnvl3II69HMXZhwEwTupI2aVhDT0emc8CEe3Os-dPT8ZE63jWjLJSyDbmW2qrk1UoAQjGqHwd4bHS-FY3eanteiX9MUuzuKYXCHvQZz_M4OX2x7eEL5F4SKWrG2tszp-7jJjmS_g2BusXtOKjIYi4sjoYrVe7XL0-zj0WS3cvZyWbNvV5m-Vqgs6ZPAhh0zye9t6fP2vL-MLZ0XfZi8n97W3z7wXCAJqYF6pjejcCcKf-JyLIQYj0dFsiux_Qxk_7EzAo3RsglkI7GueSDJ75Wjhf5_wjK7sXq-oy-ritR-EvKNrsOKvTvKGE8ghH0Bll6x-YSmyRxO33pj5IM7pM3Ta7QZE_1mHMg3_bmNE6IJWBMCaUDDzi8ZJG99i0EEAz15q0gYyNgoUNDvJBY4MTKK47ehLgPFQ19UAapZ4CxAnPEx4BstnOwHia7PG6FzCRg0KJg9wAQF1H2YYwW0Gmw6Jd4dtfZPUDTftqUIFPvKdCMxuH59Cgm3rOhv6rt0uR7KXNxD77YeCKyXK63byF32ZqeLpdAKe1IcZPGTLZh_kTxUollqXU2zqPRCyddqJ9aNs-NHdfWP4cp4kJSHQWf53cjzJIEqiWfye5MY6SwBJTU-_fn42rcgfIyNNOsDa8d_TfnXrtZD5OQ-tb0OMCcUyFaGhvSzWYFMq9BUzKjtrvKz3YyFFDmKpF0-9JErwIpR7W2FBcLnhaqFvqxLRJph8kzvPmanWzeyIlwsh0mTdz39nWEGWdSiVBwoz5-AWc0UheYJWAn7MHp5KoqWIQrNgWyXlPFTGSGI77ul5q4jIhBNnZBAxiqbOvl9je6hp-3AufQkqlVJa8nUJaTRf0HhKkDp41VSy7ldX45mYx5mfKSjBOGKngBg1qQiN9ay7VDyCOYHsdimupzqdosTkWf6ZYqpSpjOIywb5WlDnzySD7LQ6gXdPMsVdd6eWF5fPk-GRwgPW90QQ7SFsKXLWkuRfS1blyWIjB97ifcGn6wsNpxroyqiw5AbRaR6DFFcEYBN9FG-34xEWLvPMhUj1mi3lTjj5PQ-YbM8C2W0dglG4mVIvQ8P9GK1p5o4mkJNdOyj6iPv3u3IFxk943F3S1r4rRnbUMM8-_D_o67YG5dVYMgwhBzdNVAcOnKfF0sOFPIQoABdK91v6zngRFbwVkvT3D56PhnbQe-y8GCTyorhNeKzY7iAd0jmaGUsQVjYJc6ZDkCbBkRBf6OhjICGvXNLjTO3vsTv1ZXulgIhRFnRra9FWtSNUCcm4Rt9jV1tZUcKz6yfuwMs1fwWmtBZ5HtLHh5XUvdYTC9fB83O0YiL1SzqCXwU93w0ysHtBTVVSiuHsi_GYWYb7H65lExkJ99EW9emDa-7P_jCpLV5G9g_bnWFjfyKcdVeKSCJ3aLeNWcyy8beV69wX0Dc0wSECXDyvlXnMXticN9NUGZSABrg-OICgc6P6kZgpPM9ywFDlLgIm8MO9PmbwoNow2rBC4ZYivqOoZ_bYiIGKyoBptiOEaUWavUg8_p2r8Fdik4VOFKvvH1M-IvpLzNwkg-4ZXdkvKcPM5Tv1swvvYPd6eqtoA6hjYx82ucE246ua7_Vrns8nTayeJpPSlvj5fv0UxllIyZbhGrSyNmGsMJBGBaRArrb7FvJzex5lQxuDBWpN1x4Zci6MzuedCRZi4dRrWgdQ2UF4PXFTq38giPhaZqESsmbEXKW14Ek5NggPfo4gp3e2J-E3IjlLJh1DbWcSX3TczVas3EdVbvsepG0p6D0mYL9pmgbhvzwn233woSPRDakdi5UCtFFYpWGNPT3mazuOr03jHWJq3f2SjteVm6_hjUSf3aJRdFq4G4x8rSSfzx5dhZR22QJ1U25URRn4V0TCpHFCBgrgF8ZmIULai8jd5tmVUNyap58jIq3AsKDhh144VNAdsJ8wwdldHIBdjD3KhvzDHHPiTIMFfuPZ3OufqDEB0BT4dn7IXVGsVxvNhXTAdr4L4LpP06NSG1wnauuOFkp_Kdfihn0ltj4Axf3bBG077bUFcT8QxW8KSoclili7TJJnAwq-5c2h0IPTKXt_Fyju1RFMNdenLTKPp0OUK3WHS_jzJjDO_htYUqsuf-0yMUwf0VnxrxeZbzAX0Cy3xvnpHTKQK5pifC8v6voT42gaHfnuGak1Retiwn_U-v0sznRTjzpU1KYd7b86IpIek079-FrmqxjqdZRztC0nLsdxhLnz0-DKOpcHo3eKq6WtbnqL9xZGVehs9jQwKFOwMAe-HrwhSd_LHt3IT3aetygcBuIrHnBVn52KMnxCeIm3C_xJPtTXQ3bqP2HzqSHJDGkQ8JO3oH-YjQa-dnryvYQzZ4I2R3bO8A1hgiwZULvcWgLN_sViUUDwXNMzJlrijlxjlsoV_8dBx7QmeMJ5EgdvL2-UnR9q_DnfB2-Z2yRNTYxKE2oqMhTNoGjbVjIDbieiXVA9aEKMh1YBXbxeDpk3frMu1kPR2kQoqWWTES2l7v_M3VLMT-s6mqjinevHxxycnsgOvnT5XeZLS_uFTkKwmY5sOdrhMr2YrdgbqcgUI4ppv38kELFIV8Tidigmo5E9D1lXiFtWndveBR6d6j1DwCY7SiRduZ-r1upK18V-7wErU0tzCzB9S64E01WmkRvibBWZuXpIsW8BiRSDD9WDhqHvd9AvFDKuyS1cMYnOW3IWPorid5qCr8WtReQCvhLMwceOwdTlie6kj5bXl3YGCs64vwTKMs1Tf1rYuxuxOAEobKVge8PJk2vU3Aos6HVsdwaYqIaQEEGnjPvArPXvN3suuioNV-EIp5hF9z5h6IfUX8laaQoJ9b5PMH6bIOQAwvAJyW_S34XmR4sAYivhokoFqpYuEcwI-4jIWjfnMwr9Y4F1Alb9M6SN8l_73w9277N6pzIaQ02yZEhgyb_2cP-EUNaqsi1f7fO6NLPxO0XZcvPPVpkKP7oUXLAyz1JVLGsGGMI8FN3SW_QU1njX_PJLZoW-US3b-RZ2c&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiD7N8ZYmUNXt4UzvhGreLXhRlUt-IBgjRkKiesRjikTlVmZdtGGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=11643965540367774000&adk=250276038&idt=80&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CF11 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame CF8A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=xwjvohytl&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 862C 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 862C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CepKZ-tkg-vFcO_M92i1i3Wa1eYOsFaa5ONWBC-okOYvhJCnS3g4_-bBTaFpkUyLtPjNMD9OEaO9juK1EbKhn-fCjUJeURpnWazhl3WjFuI2rHEO4aYi0u5J79156pCFH_PEz5FftX9OSlfa4oyy_dTxJn8QvTIt_szaiHEAo7H0Nrjik&dbm_d=AKAmf-BhtFs5HlH1TrqOAeoh0AnV3PayE-2gw6Dt3C3MpI2Cm7qCtSSrf6MFTAe9OZA_8uHImDDri2TlFblX9GxENvNSf7PwegdM6ZXz1YcoOxlyt4ReP6QbFxbA4gWt3nkIe-Fr64DmHtNfOUeopY66KNJkHHjP_L_oKbNOL1oRTmIT6JXOhu66YrE_hB8KmAcgWcbOU7ggOYPe9sMQjgagHLTtu8C8JfsNv-JpISYd_z2e2NbHRUjAcIYr-GOLNy2n0wTBwG072Eio5OxI14U7HnscwBDQPjTb7dl_-2iOjRTx09YN5cfVYQ5CTMxOXhIb5623dL6U_N02qbFYkzkDp9MqbVLHjBUpk9r9HoNZHU9VEdEY7UDiMG1W_jbgYRSUdqS9G9N9W1ALgTloim9dphshoRlLPDkME83IunfBG5lz0_og-6ZowIUCtYWUS9j0uMhoKKh2d_rEDW_ZTDGLOHMMyG_lm5Rg23-FkNxscDyJ1fMiRHQVhsizXMxgbVsGmCeaKamGksiioRWo7JmbWhgtFAI-RQZnfy3ymFjEnWc6lJLox12VE3-KOQ9j_DbnTCmEA6CwG-jikHJ72uC9hC9vUVxTer5DBxq7EyIeg04_ycY-Ms2CYOZIuiTw49kOxS-ndDeJHQgktJETnVc2J4zjTRJOrK9XzopGhiZ001cr906qZhz9_zjrRBgnReCdW-6Ok-2z3gTN2uxnE9fqsJpv1cvqVhkBRw_fwuDnLkgASOKpZBVDsXSXIpnwqUNhWYUqQT76ThUjIg7jvb9oaSDy22Lb4Db4PWHoEKugEZT4sO7Z3yoPnPQijrPeyc27u9Sr1Zoqhor4L4v7mDBseD8ZIOR-aey9zpCCvIBQqVd4EIHnTSxnRtXqmzHIIbboxo5gh6FyLCcNa3ikCr3b0TtHSmbing-gwaVvTao39sySeLgeBaHSA6V32vkB4VKeD2yiiWSa0KA3JRps_DyeQuqyXGupEvO-Sc4VzkJbwmNs5dqjC3N3NjgCxaWNBK8RbxLbQ7bcaeicfFoX2gYurssRaF6vnc2xtFT0cUDOSNxMe88ENMNp6v2_q7ZhsMZgik5Yszo7bc16Iqq6TWGhrPNd0PES81tp6ygukY6y6zJnMclsIwHZqVE74d52kAMnA3tavjdY-JPjqhw2Cq19VTUkIwt3K2On0J-t6kDFrHzB9ZIlTSJ3E-EIUM-QjexN07jmVK-aVzAhMMViDXAgq_lpmtnLiLqLqwhCTb4w8zN2WpcQuujd8rDbeY1qmE4T9SbPfizNRbqiVXU0o89Ji2AifSRW2KFvxRNWtHcYBfHHUz3IHGfpthhHtPXsWXx5aOmJ8JrATo6zku8NrheYM8g5w7eIUK01WbvSZT12yIELHAsKvrCZjxzOzQMs7YNu_fRxgWpJGBgOuCHcRxUDuBl1W-J0dw3l8WbDk_psaEa7LmnccRkk1tPAec-RAFQPK6o5huKH2WFmKwO8IjqwE2-Swc_nyBX51wiz2xylrxLyS4cLMqW8-T5CkVn_52tQR1NDEjMWk88SEqbgl81bR48XitW2wzOTitQHc3wpC3pQLFlSWZ-l_Am8Rcrw1nXggVg2jkAO4UzGALiOg1l3TxoEz4pcnCZ46Y8cXt8oPy5TpCED88iOIHWQmkLmk657jYqOkVqSyWikz8M1mq2EoicP4rtbYg6zoWlvLAmLELaGku388DKdI7nTe5ektftiGmk8STV9esWA2xOhyawJMq9LqHoKmT-5ugXuBYF5nNLZCKKrLjW5ax-BLydxg0JXlIIsedM0AYcmkWdqOyLuD_0s7qnmESlALX147KxlGlaRnYzVyqN7dV0LE0pT8r7vawvScBdXHNF_O_KVReVNJw86W6t_87p3epxLw3Jpy3p40CqExbxZM6ivbOjMNdJ2C5vpcwUD4mDD7LeouFbZHGKY9XEOSKdPH-ruvhVUPldk4aRl-8qZEB8Rq4_HQE5aT6RNKP-usC2rSf-JfyhaSHXLLrcMQ6GD66w5O7eMAwfT9qtFIplLUjnsbjha6fNocQ23xUb6vb2hrCPcz2SPWNEgElYnDJhjTe_nlYht7lwQQyPyHQQKOoqw7mZRocz9QuORbktL5rLBkfHpP9YimP8_pBqVy7RIIXFZapY0n4wDMJd2trb304WNuLA2uQoKYmFnnMP_W8-wbzC7VMKJsvfiP1LasCToKhkMVAjj2q8NQyyaA7PpwXrOVoCs2TYRlT0zpwyhxO7Sl4ywywkx6qQ6FgH2Kts_QuMZliq7J7vKanknI_U2XMP12zZOCoTPAsj2vRCPW8MTOaX4HdcrAvYIEDyi23llr90xOdFlkpVxUeEKmU2cbRnfH9oZxaLF2FlRoRtBBLzDgjaTtgXE7lbEttq7VHWXtvV-wODyQsCZQyHTOb6wUcYiCKILOeWPhSVXITgMJhXCGqn5UjyIM4VR0Cw2i3RI6jrFpMhVMpcaTOY0k8cHADzH7kGr1VJBpOtnNnO9Tw90LmBVTmDyUJ000fTBcr-IhN1-CS1btR0jL2tQ-ZJ9vONSilhZYos_O-uAsmR1jel0gM_T8vqx086YDnLWDHQQz3r0XpzhJw1W3ziT-D6Ruoe62inEx7Uu1At5I09EzAsCbP5xpxj5tIKyyGXCWjUKe6ieV5oDLldEwJfmUaKTh-UlLwvuuwcLD0aerC5lfHxa4ARIVBYE_RNfuQ2SXKs9Iv2t-4gEdvZUdQq-3Zv_dDrYgGupWJYwGxForbOTW3wTus2mcbRpRO61g-NXbNvCwZsoxUfnEIA9EeqsKs1zilGbFPOBTNINn9MN5iN7mETNBPnuuHiAGbf82vd3i3q5beJ8K4_2cI_HMYNZRbqMSQYh8AlIUuZxx47jeILNh0UpSmGYylqxBb8khXM60c2UtFIVmIt7edIbvItE4RQJtV4ZPm89ufCPzDBAdLsCYTm3GGVmGNJCif346-3Sxw_7QAxAC_Jo3l73IErmbCaRHnA4zUzN-B6gzyh0AnC5u6ZPbI5k3H9U4LaQC-nuggI8vw8yN0GYXzisERpG9iU_zhMIICeLg9POHWg5Ek_W3aKYon8Z2LXW1SMiuocSaorm2AILOfZiZuCwX8ugAQhedXYOSbQvHmLUF7kzkJmZPLuSnagj4LL07HX0z2br9Jtioklz9YlJFx8fCq9rLc1GzD8nwe3KPVNKGKKRX2nMgUQIyU0RBUPB_7X3_akFI7Jv9QzkMQ3ye9yq4NReZ_8jlWAqji1FyGZTFKOlOLjAUY2Akn6HRkEnuL-SEfKSyK3d68NwKXwU1QkIoIQwumBXiTU0iIyOfEJx3WBTon8pgT8Mwt-qQNGjg7_FhQLJF2AABV8qyofd3udOFbmfHiOeqW709C9xRbB6Ibj56i3xqOZdzygKC73V8zbh-MNq3c2XXrzKjmqsk9SXEZ2mMjA&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiDfXKkqcWlIBl22BdEtAEqOd7DiYvU5OYJ158p53XJVEneyOBAGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=8690343587064380000&adk=3703234670&idt=105&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 862C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CepKZ-tkg-vFcO_M92i1i3Wa1eYOsFaa5ONWBC-okOYvhJCnS3g4_-bBTaFpkUyLtPjNMD9OEaO9juK1EbKhn-fCjUJeURpnWazhl3WjFuI2rHEO4aYi0u5J79156pCFH_PEz5FftX9OSlfa4oyy_dTxJn8QvTIt_szaiHEAo7H0Nrjik&dbm_d=AKAmf-BhtFs5HlH1TrqOAeoh0AnV3PayE-2gw6Dt3C3MpI2Cm7qCtSSrf6MFTAe9OZA_8uHImDDri2TlFblX9GxENvNSf7PwegdM6ZXz1YcoOxlyt4ReP6QbFxbA4gWt3nkIe-Fr64DmHtNfOUeopY66KNJkHHjP_L_oKbNOL1oRTmIT6JXOhu66YrE_hB8KmAcgWcbOU7ggOYPe9sMQjgagHLTtu8C8JfsNv-JpISYd_z2e2NbHRUjAcIYr-GOLNy2n0wTBwG072Eio5OxI14U7HnscwBDQPjTb7dl_-2iOjRTx09YN5cfVYQ5CTMxOXhIb5623dL6U_N02qbFYkzkDp9MqbVLHjBUpk9r9HoNZHU9VEdEY7UDiMG1W_jbgYRSUdqS9G9N9W1ALgTloim9dphshoRlLPDkME83IunfBG5lz0_og-6ZowIUCtYWUS9j0uMhoKKh2d_rEDW_ZTDGLOHMMyG_lm5Rg23-FkNxscDyJ1fMiRHQVhsizXMxgbVsGmCeaKamGksiioRWo7JmbWhgtFAI-RQZnfy3ymFjEnWc6lJLox12VE3-KOQ9j_DbnTCmEA6CwG-jikHJ72uC9hC9vUVxTer5DBxq7EyIeg04_ycY-Ms2CYOZIuiTw49kOxS-ndDeJHQgktJETnVc2J4zjTRJOrK9XzopGhiZ001cr906qZhz9_zjrRBgnReCdW-6Ok-2z3gTN2uxnE9fqsJpv1cvqVhkBRw_fwuDnLkgASOKpZBVDsXSXIpnwqUNhWYUqQT76ThUjIg7jvb9oaSDy22Lb4Db4PWHoEKugEZT4sO7Z3yoPnPQijrPeyc27u9Sr1Zoqhor4L4v7mDBseD8ZIOR-aey9zpCCvIBQqVd4EIHnTSxnRtXqmzHIIbboxo5gh6FyLCcNa3ikCr3b0TtHSmbing-gwaVvTao39sySeLgeBaHSA6V32vkB4VKeD2yiiWSa0KA3JRps_DyeQuqyXGupEvO-Sc4VzkJbwmNs5dqjC3N3NjgCxaWNBK8RbxLbQ7bcaeicfFoX2gYurssRaF6vnc2xtFT0cUDOSNxMe88ENMNp6v2_q7ZhsMZgik5Yszo7bc16Iqq6TWGhrPNd0PES81tp6ygukY6y6zJnMclsIwHZqVE74d52kAMnA3tavjdY-JPjqhw2Cq19VTUkIwt3K2On0J-t6kDFrHzB9ZIlTSJ3E-EIUM-QjexN07jmVK-aVzAhMMViDXAgq_lpmtnLiLqLqwhCTb4w8zN2WpcQuujd8rDbeY1qmE4T9SbPfizNRbqiVXU0o89Ji2AifSRW2KFvxRNWtHcYBfHHUz3IHGfpthhHtPXsWXx5aOmJ8JrATo6zku8NrheYM8g5w7eIUK01WbvSZT12yIELHAsKvrCZjxzOzQMs7YNu_fRxgWpJGBgOuCHcRxUDuBl1W-J0dw3l8WbDk_psaEa7LmnccRkk1tPAec-RAFQPK6o5huKH2WFmKwO8IjqwE2-Swc_nyBX51wiz2xylrxLyS4cLMqW8-T5CkVn_52tQR1NDEjMWk88SEqbgl81bR48XitW2wzOTitQHc3wpC3pQLFlSWZ-l_Am8Rcrw1nXggVg2jkAO4UzGALiOg1l3TxoEz4pcnCZ46Y8cXt8oPy5TpCED88iOIHWQmkLmk657jYqOkVqSyWikz8M1mq2EoicP4rtbYg6zoWlvLAmLELaGku388DKdI7nTe5ektftiGmk8STV9esWA2xOhyawJMq9LqHoKmT-5ugXuBYF5nNLZCKKrLjW5ax-BLydxg0JXlIIsedM0AYcmkWdqOyLuD_0s7qnmESlALX147KxlGlaRnYzVyqN7dV0LE0pT8r7vawvScBdXHNF_O_KVReVNJw86W6t_87p3epxLw3Jpy3p40CqExbxZM6ivbOjMNdJ2C5vpcwUD4mDD7LeouFbZHGKY9XEOSKdPH-ruvhVUPldk4aRl-8qZEB8Rq4_HQE5aT6RNKP-usC2rSf-JfyhaSHXLLrcMQ6GD66w5O7eMAwfT9qtFIplLUjnsbjha6fNocQ23xUb6vb2hrCPcz2SPWNEgElYnDJhjTe_nlYht7lwQQyPyHQQKOoqw7mZRocz9QuORbktL5rLBkfHpP9YimP8_pBqVy7RIIXFZapY0n4wDMJd2trb304WNuLA2uQoKYmFnnMP_W8-wbzC7VMKJsvfiP1LasCToKhkMVAjj2q8NQyyaA7PpwXrOVoCs2TYRlT0zpwyhxO7Sl4ywywkx6qQ6FgH2Kts_QuMZliq7J7vKanknI_U2XMP12zZOCoTPAsj2vRCPW8MTOaX4HdcrAvYIEDyi23llr90xOdFlkpVxUeEKmU2cbRnfH9oZxaLF2FlRoRtBBLzDgjaTtgXE7lbEttq7VHWXtvV-wODyQsCZQyHTOb6wUcYiCKILOeWPhSVXITgMJhXCGqn5UjyIM4VR0Cw2i3RI6jrFpMhVMpcaTOY0k8cHADzH7kGr1VJBpOtnNnO9Tw90LmBVTmDyUJ000fTBcr-IhN1-CS1btR0jL2tQ-ZJ9vONSilhZYos_O-uAsmR1jel0gM_T8vqx086YDnLWDHQQz3r0XpzhJw1W3ziT-D6Ruoe62inEx7Uu1At5I09EzAsCbP5xpxj5tIKyyGXCWjUKe6ieV5oDLldEwJfmUaKTh-UlLwvuuwcLD0aerC5lfHxa4ARIVBYE_RNfuQ2SXKs9Iv2t-4gEdvZUdQq-3Zv_dDrYgGupWJYwGxForbOTW3wTus2mcbRpRO61g-NXbNvCwZsoxUfnEIA9EeqsKs1zilGbFPOBTNINn9MN5iN7mETNBPnuuHiAGbf82vd3i3q5beJ8K4_2cI_HMYNZRbqMSQYh8AlIUuZxx47jeILNh0UpSmGYylqxBb8khXM60c2UtFIVmIt7edIbvItE4RQJtV4ZPm89ufCPzDBAdLsCYTm3GGVmGNJCif346-3Sxw_7QAxAC_Jo3l73IErmbCaRHnA4zUzN-B6gzyh0AnC5u6ZPbI5k3H9U4LaQC-nuggI8vw8yN0GYXzisERpG9iU_zhMIICeLg9POHWg5Ek_W3aKYon8Z2LXW1SMiuocSaorm2AILOfZiZuCwX8ugAQhedXYOSbQvHmLUF7kzkJmZPLuSnagj4LL07HX0z2br9Jtioklz9YlJFx8fCq9rLc1GzD8nwe3KPVNKGKKRX2nMgUQIyU0RBUPB_7X3_akFI7Jv9QzkMQ3ye9yq4NReZ_8jlWAqji1FyGZTFKOlOLjAUY2Akn6HRkEnuL-SEfKSyK3d68NwKXwU1QkIoIQwumBXiTU0iIyOfEJx3WBTon8pgT8Mwt-qQNGjg7_FhQLJF2AABV8qyofd3udOFbmfHiOeqW709C9xRbB6Ibj56i3xqOZdzygKC73V8zbh-MNq3c2XXrzKjmqsk9SXEZ2mMjA&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiDfXKkqcWlIBl22BdEtAEqOd7DiYvU5OYJ158p53XJVEneyOBAGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=8690343587064380000&adk=3703234670&idt=105&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 862C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame 2A20 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=ooglvk&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3D7B 		482 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPy40egCGLyO2t4BMAE&v=APEucNUTXFNyun0__nh9gSpKrvKHP37ycC8ieCafJqKrI35UQCdBBo66Ei2tzq_Jez7tcCq3V50VlmC8K_GTYWa5wRKXUVTq1A
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6FD1 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FD1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQNMTI5GiXu8OxWiDC2Rdb6ZVo8I2TQI0R4KoZlbl-H7eK_7awVfJ6_Vh7nwtOU5WFvaUmPNuPdLR2HeXaVqd-NZlsd1lE6oIazitIPqLWv6Lq78E
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FD1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1845350794517337657&x=1&ct=76
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 6FD1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
79160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:36:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 6FD1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 17:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
79160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8120
x-xss-protection
0
server
cafe
etag
8171891181101138299
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 17:36:13 GMT
l
www.google.com/ads/measurement/ Frame 6FD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeeJMBteqyPNPKfwBXJMTWuTWu_MhUGZXc7XuIJEik-SBSResPGhiJcYt24nKHFV3EIihZgz0R5lYA93PO2qeVZE1hQw
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6FD1 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 90B6 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 90B6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqfyotswzgOkahBpjV8eQ-Wfj9b7PJC6Ml9ab7PqgUxFzOzaIHUrFXKVffvlWulzG-nuW1oblbkN8me1nhrhPEowpsjLalwA59EQz_lfA6wk6LwB6wBbqaFmV8iFNl38_6Fw34YmQPhJF5zagSSx2iMkeTXNobN59DzswgAuBBj74_Qkg&dbm_d=AKAmf-CjsrAI4JAESQExgCegwsEba2DcqBA5U6NAHTfubjXDU1lDBnd58nctw-MDNyWwn2wHhznkpDwKCGHuLfApEABv8QQMtMWM8sMfPEgSBKd1r0XuQrfcMfmrgs4bK8BB48HfZkMrW-eDNb4SzacS4sN9i8CSD8pGSjOE3SKHlyruSniGdDcgcrsyHk_49mlQZWly6-w4eIy00eRwgL70EAslkpyxSw4Otqjid6ezJ1si93jeolgmnEOO2md45DiXlrF9ACDpxB-BSd3VVhhbgBXmZUfyA52vncerk7_NPp7dNM2Ts2-lC391TKkWweS1kKOhDnIPGo_O1dzVXxXOh9pg0tQ7-Jb-TuwydR0mjWsYVkC51X7eol3fXez_FeNvDJlAPGhM534nUKU3zVd_G9B8N5L2t5V_7BKqZzKO5A0NApwao4OUtjN5aSQrv5lqrEWAblYV4pA9awzQ7HEHgm5bA6I8UQl3JT9iOS-cITZb2d8AV1J_i2dLY1SedVuWdz7O3JSawjaqKGlRCzKab3f7Uayasn8fJiiCJDxXem4xcAt17uJ7khSA9f1eb1Fb2_62FvoH3qlhkToj8ckeim5fxqWJ6ymHEAVMUD2i0TJIcFjEiMBkZou8t5Do3POWtH9M2pGo2cvM41EzWMW_23Kll7L-gDRXJgZO6lco8ej4sKsRlNP9MX79XoVyvQ8paeuEmHpku_yXjyEdGKXLseWEsWtKgZotm9kmPwdsfpyiKhlrA1J4m2BiUARd85Xn0tlFXlacYR8dmG7nrqr0FpdzN7OBDdF-U6GugxmyoSoSEw6-rnnq4jaWSKOPmeWq7EGe7Om4v9jSrcJQxI1ttfmbWK3sNBoRRGuhOns69vVqEk68vbQD6goxurPx48lVqCnnj2qfTDr84D15yMqDvJa9MWaEEOxCh7M3_VIgPECMNY7CK9IVljrwmjEUglw6gd3Gb_QlyXPYFJq93VCedQkjhxUheiiwI1DEDYW5nneKqs9Yc1UGXof0G2R4FLKgV15CoIaY_rToYUQl4aku5oj9J1BTFMtTN5vj8e7FkQc9rjrIlIhdbiT6QdqnKIWxVXFaFNeLZDgu4E5ZcPxcozgz7HXMVyZHly-IqyLi8RBk7H2-5moMoidfVwfIhKIR3ooURQdN3fYSwqZcbk7t-rXt3Ztp_8OiGu7PDqXSNoDfT2wvRUooY8yy-IJWNq9dEL1fhdizIvAzmHf5iltq5rouSdq4tpY_uof3MtgwEplh6LvGlYrnBXfwkI213v6y7rPI7Kn-79-BTO6c266X2MHQawifbZ1JRvKGvquMW3-WigV2rO5PIf5LPDQ-0kTe-_wvZ6S8nmzParAUGoGmigKpogvuKCZ5u2kUzVorPYxJ8ZwYBYCfL2rJPnQ29Spk64zH63YinbKGPAVXOsIASbKjUcJoS0Iqn3IojMivUg5k0DhJlmUCeuPgno2w397qJVGDnWP_lmkcASfEzTaMM0bKv2PlgzDqsvBzMsMbgj8pgE5geTbm321SV2m4lW5axtNGG1DDnMPP1ZP1Wt0ZXpkPxz6dTbakO9w8QY32OuwA7SQWbE_cW7EqbU1hLrrtYtTnYk5FgGeJzaY8Pj1NmNfLsZFFaXEVgT5JxMts6YyaJ93DaHDX94rAi9d-IKI5Ju5coTqNsmdDafdSyNZ4muz-dx3xt5Xmjf-3R3XLnN91Klcp-pB5pCh57yFPPOImo5zh-v6WsBkp_9U18ULMfBNcQvJDe4SvRES3pQwPKHPxN-0ss0wQC4ka5so-jQpY-QjtLBUwhClnwTt8r881_rPUWUhhacQ_bgimNLjQn33B_HgQLLw-bQMq0Q7UmLdWS5guGhZF_ernu2MW583XX43UYAZIytW2W7F7v_645qFovUgpQx_1ZndcfrZ_qatM8frXE5DOwQvAALtOnGjXbhYUIk1NIvtxiqOMr_061lR3cUotvDOr2AvXIjSw29gfNCd7bocTKObyNu0BHfwE3jl9u8tSqqti7h255DEifdJy3oYTdiCr6zfL2wiVWEEfRA4nsvjQSJpthRCNzCHbDpxbIx_WqlRevjHv86CEYXbVo1LAFbrjDotpRlVC8ErR9YxSLFwszenlna3mW-qWzJJxStC4IIHk_ZpFq9CQ4eF01BSpnN0eITF5PBIKZ7yO6qZJySQ8_JO0w7Ob-q5HE3LQ3FXgh9wzBmMeINVdh1S6cKVZHspllVlk0VWIMZ0LWPKfTzhlnSSiSONpAp2lc3ZXLDvVY4eovRJ6uzemqkMW6ClSkOPdHpzTzOmJkDxifj7WrR6xD8Aq9SmBybO3lYnksMSwaWA4cq8e4TTAOSVu5PjciOA--zpKgaMElPs-ISVGFBxe1YlllKH9cJ3nk4kXe_sAjf_GUE5VoaxNL9QUpNOS3l2sesa8zehbi27l4rK6OM53ijZbzG94Yw_geaJ76lAoPzGPsKz_QOKQbdY51tSNLMkS5RAF69TYjAzckkmYRHHwIL9OyJF60JF-1rocZPUrpJKwZ4FguVL99ochL1DiHVkvQAn2v3YieDpuiMNdAe5llS3JrjNiflLq7zY2lTdCPSG7ZtFRcqkaMO3Qqvr8CUKn0VqQeoeFrDAs8PQWaj9QGpj2mzmOnZcoiXII_q5uX6bf9GPJFvUxnYu0jhhp0xHcSxdq2TQF001OHAB55qKkQ2c6S6qqpXeYltUPtMGyuvJf8XqnLbe6h9EGAFlBFBJ8ms4ERAwAvZ8iW1UFm1YtZmTSHoHAtXTuUMWAtI4H7sYaDf4Kza0BONtYi2MZO-8iWGhlFuVUDPqRuKKxQWWUXGnGGjgjosjKZhpFLoq5j_NN-x8QisBSN4TwSXIkcuYtQ1DEr80kTYBff7rcVy-Pnd1nptxd8gkL6GRtHGtdTJRpdYHPBLmJi2R4qVC2M3gFsO5P5_SdgSmx2acS2HP8dHN3ZxoPx2e1gJvxQXXMJ_8yFPNXsvnZvyR2NuGV7_Gn5f0ro9POJutIDepS05NW5MtzhUCfJoZjGnCSfRlavrSMIMjmUXbzZsygwA98qCNNDvGh4j4q4zhLeKvi2VXTMaT2bLf3JGM0Z3H11PciqvuTBTWT097t3Bqynh5A6rMhXemQszuwlLn6O5v93crgKUdSNVquS2uTNQ8IP-zt8zFSpzgMFArY0qjMgLhiwfAQNi9qK7AHrcAAnWrvpuXjTLIhxzjQs_KMW840XH_iIAjHZ2siNlOHRF1rT_q1IM_5Fp9XTA0n6u3KpE1Totp54lgxch0l3UNHdHyjRl0FjcUz65l5XumbpjF6LqRKXIzUik3SEsjCIaqKFF_0SvCu3dsB82mx4m7S6LitRDQqQ1O0vprlttDln0NexCjSWpS0N3wIS7N9yvo1Ex6Dep1KNh-gKFhBoX3DaJsaCbkHy7D5vlR_WCDLWYx3N9c6RDQ&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDb3kML0d5eTMzcs1Rm4nc--zyvbSOWE2HPndikTEv5wAB05GkGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=4054183949209867000&adk=2428773357&idt=75&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 90B6 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqfyotswzgOkahBpjV8eQ-Wfj9b7PJC6Ml9ab7PqgUxFzOzaIHUrFXKVffvlWulzG-nuW1oblbkN8me1nhrhPEowpsjLalwA59EQz_lfA6wk6LwB6wBbqaFmV8iFNl38_6Fw34YmQPhJF5zagSSx2iMkeTXNobN59DzswgAuBBj74_Qkg&dbm_d=AKAmf-CjsrAI4JAESQExgCegwsEba2DcqBA5U6NAHTfubjXDU1lDBnd58nctw-MDNyWwn2wHhznkpDwKCGHuLfApEABv8QQMtMWM8sMfPEgSBKd1r0XuQrfcMfmrgs4bK8BB48HfZkMrW-eDNb4SzacS4sN9i8CSD8pGSjOE3SKHlyruSniGdDcgcrsyHk_49mlQZWly6-w4eIy00eRwgL70EAslkpyxSw4Otqjid6ezJ1si93jeolgmnEOO2md45DiXlrF9ACDpxB-BSd3VVhhbgBXmZUfyA52vncerk7_NPp7dNM2Ts2-lC391TKkWweS1kKOhDnIPGo_O1dzVXxXOh9pg0tQ7-Jb-TuwydR0mjWsYVkC51X7eol3fXez_FeNvDJlAPGhM534nUKU3zVd_G9B8N5L2t5V_7BKqZzKO5A0NApwao4OUtjN5aSQrv5lqrEWAblYV4pA9awzQ7HEHgm5bA6I8UQl3JT9iOS-cITZb2d8AV1J_i2dLY1SedVuWdz7O3JSawjaqKGlRCzKab3f7Uayasn8fJiiCJDxXem4xcAt17uJ7khSA9f1eb1Fb2_62FvoH3qlhkToj8ckeim5fxqWJ6ymHEAVMUD2i0TJIcFjEiMBkZou8t5Do3POWtH9M2pGo2cvM41EzWMW_23Kll7L-gDRXJgZO6lco8ej4sKsRlNP9MX79XoVyvQ8paeuEmHpku_yXjyEdGKXLseWEsWtKgZotm9kmPwdsfpyiKhlrA1J4m2BiUARd85Xn0tlFXlacYR8dmG7nrqr0FpdzN7OBDdF-U6GugxmyoSoSEw6-rnnq4jaWSKOPmeWq7EGe7Om4v9jSrcJQxI1ttfmbWK3sNBoRRGuhOns69vVqEk68vbQD6goxurPx48lVqCnnj2qfTDr84D15yMqDvJa9MWaEEOxCh7M3_VIgPECMNY7CK9IVljrwmjEUglw6gd3Gb_QlyXPYFJq93VCedQkjhxUheiiwI1DEDYW5nneKqs9Yc1UGXof0G2R4FLKgV15CoIaY_rToYUQl4aku5oj9J1BTFMtTN5vj8e7FkQc9rjrIlIhdbiT6QdqnKIWxVXFaFNeLZDgu4E5ZcPxcozgz7HXMVyZHly-IqyLi8RBk7H2-5moMoidfVwfIhKIR3ooURQdN3fYSwqZcbk7t-rXt3Ztp_8OiGu7PDqXSNoDfT2wvRUooY8yy-IJWNq9dEL1fhdizIvAzmHf5iltq5rouSdq4tpY_uof3MtgwEplh6LvGlYrnBXfwkI213v6y7rPI7Kn-79-BTO6c266X2MHQawifbZ1JRvKGvquMW3-WigV2rO5PIf5LPDQ-0kTe-_wvZ6S8nmzParAUGoGmigKpogvuKCZ5u2kUzVorPYxJ8ZwYBYCfL2rJPnQ29Spk64zH63YinbKGPAVXOsIASbKjUcJoS0Iqn3IojMivUg5k0DhJlmUCeuPgno2w397qJVGDnWP_lmkcASfEzTaMM0bKv2PlgzDqsvBzMsMbgj8pgE5geTbm321SV2m4lW5axtNGG1DDnMPP1ZP1Wt0ZXpkPxz6dTbakO9w8QY32OuwA7SQWbE_cW7EqbU1hLrrtYtTnYk5FgGeJzaY8Pj1NmNfLsZFFaXEVgT5JxMts6YyaJ93DaHDX94rAi9d-IKI5Ju5coTqNsmdDafdSyNZ4muz-dx3xt5Xmjf-3R3XLnN91Klcp-pB5pCh57yFPPOImo5zh-v6WsBkp_9U18ULMfBNcQvJDe4SvRES3pQwPKHPxN-0ss0wQC4ka5so-jQpY-QjtLBUwhClnwTt8r881_rPUWUhhacQ_bgimNLjQn33B_HgQLLw-bQMq0Q7UmLdWS5guGhZF_ernu2MW583XX43UYAZIytW2W7F7v_645qFovUgpQx_1ZndcfrZ_qatM8frXE5DOwQvAALtOnGjXbhYUIk1NIvtxiqOMr_061lR3cUotvDOr2AvXIjSw29gfNCd7bocTKObyNu0BHfwE3jl9u8tSqqti7h255DEifdJy3oYTdiCr6zfL2wiVWEEfRA4nsvjQSJpthRCNzCHbDpxbIx_WqlRevjHv86CEYXbVo1LAFbrjDotpRlVC8ErR9YxSLFwszenlna3mW-qWzJJxStC4IIHk_ZpFq9CQ4eF01BSpnN0eITF5PBIKZ7yO6qZJySQ8_JO0w7Ob-q5HE3LQ3FXgh9wzBmMeINVdh1S6cKVZHspllVlk0VWIMZ0LWPKfTzhlnSSiSONpAp2lc3ZXLDvVY4eovRJ6uzemqkMW6ClSkOPdHpzTzOmJkDxifj7WrR6xD8Aq9SmBybO3lYnksMSwaWA4cq8e4TTAOSVu5PjciOA--zpKgaMElPs-ISVGFBxe1YlllKH9cJ3nk4kXe_sAjf_GUE5VoaxNL9QUpNOS3l2sesa8zehbi27l4rK6OM53ijZbzG94Yw_geaJ76lAoPzGPsKz_QOKQbdY51tSNLMkS5RAF69TYjAzckkmYRHHwIL9OyJF60JF-1rocZPUrpJKwZ4FguVL99ochL1DiHVkvQAn2v3YieDpuiMNdAe5llS3JrjNiflLq7zY2lTdCPSG7ZtFRcqkaMO3Qqvr8CUKn0VqQeoeFrDAs8PQWaj9QGpj2mzmOnZcoiXII_q5uX6bf9GPJFvUxnYu0jhhp0xHcSxdq2TQF001OHAB55qKkQ2c6S6qqpXeYltUPtMGyuvJf8XqnLbe6h9EGAFlBFBJ8ms4ERAwAvZ8iW1UFm1YtZmTSHoHAtXTuUMWAtI4H7sYaDf4Kza0BONtYi2MZO-8iWGhlFuVUDPqRuKKxQWWUXGnGGjgjosjKZhpFLoq5j_NN-x8QisBSN4TwSXIkcuYtQ1DEr80kTYBff7rcVy-Pnd1nptxd8gkL6GRtHGtdTJRpdYHPBLmJi2R4qVC2M3gFsO5P5_SdgSmx2acS2HP8dHN3ZxoPx2e1gJvxQXXMJ_8yFPNXsvnZvyR2NuGV7_Gn5f0ro9POJutIDepS05NW5MtzhUCfJoZjGnCSfRlavrSMIMjmUXbzZsygwA98qCNNDvGh4j4q4zhLeKvi2VXTMaT2bLf3JGM0Z3H11PciqvuTBTWT097t3Bqynh5A6rMhXemQszuwlLn6O5v93crgKUdSNVquS2uTNQ8IP-zt8zFSpzgMFArY0qjMgLhiwfAQNi9qK7AHrcAAnWrvpuXjTLIhxzjQs_KMW840XH_iIAjHZ2siNlOHRF1rT_q1IM_5Fp9XTA0n6u3KpE1Totp54lgxch0l3UNHdHyjRl0FjcUz65l5XumbpjF6LqRKXIzUik3SEsjCIaqKFF_0SvCu3dsB82mx4m7S6LitRDQqQ1O0vprlttDln0NexCjSWpS0N3wIS7N9yvo1Ex6Dep1KNh-gKFhBoX3DaJsaCbkHy7D5vlR_WCDLWYx3N9c6RDQ&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDb3kML0d5eTMzcs1Rm4nc--zyvbSOWE2HPndikTEv5wAB05GkGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=4054183949209867000&adk=2428773357&idt=75&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 90B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame AC63 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=fwoxwsyl&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 16 Jun 2023 15:35:32 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
events
gue1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 2594 		13 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/public/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:35:32 GMT
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
events
gue1-spclient.spotify.com/gabo-receiver-service/v3/ Frame 2594 		94 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/v3/events
Requested by
Host: open.spotifycdn.com
URL: https://open.spotifycdn.com/cdn/build/embed/vendor~embed.4a022388.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash
482c79281f9c39b41409866dcf058ebe0abf62bb2ec081617ac7749082d3f161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://open.spotify.com/
accept-language
en-CA,en;q=0.9
authorization
Bearer BQAQmzJy4J-wne7w_Ai-7-gWRcjNN4y-TBPIIptuxRXHuXQpH75KachhgouKW_zzOTpNCgMrnXPXM3n-52aVSZvt2I137dxtPt1_qldOsbcO7k_PcWI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:35:33 GMT
via
HTTP/2 edgeproxy, 1.1 google
server
envoy
content-type
application/json
access-control-allow-origin
https://open.spotify.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
events
gue1-spclient.spotify.com/gabo-receiver-service/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gue1-spclient.spotify.com/gabo-receiver-service/v3/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:b99:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://open.spotify.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Origin,Content-Type,Spotify-App-Version,App-Platform,X-Spotify-Connection-Id,X-Client-Id,X-Spotify-Quicksilver-Uri,client-token,content-access-token,x-cloud-trace-context
access-control-allow-methods
DELETE,GET,PATCH,POST,PUT,OPTIONS
access-control-allow-origin
https://open.spotify.com
access-control-max-age
604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 16 Jun 2023 15:35:32 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
ev3
eb2.3lift.com/ Frame EEF5 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=37000276533921298888890&sr=1&uid=0&type=mi&ord=1686929732836
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame C1ED 		241 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXEvzGjZ-XKVbA2hwrbdhvNsbJ4U1JQZa3hJHgl08WLBDbiMgRD1RmQzzBJvxRkMLWYPd8aA4ZKvUzsOSFYDgjf7KG7lA
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
493cca1c2b95032b6d3bf5a310bf618b3bd7c8426fdeedaa0b2f1e1fb2ae48ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4CF0 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7yjN4lsCGAobCiZ18mvU-nB3cYscSE2GaZ47TTGT6KzbrMxTJLsz2O8F4ppiXD2VQcot-dCVyzREKqf0OXjIYVdjTwmtGvneHOiZ0YuhB4IUSduw
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8407216993199260947&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a1af54bb-a0f0-4189-9318-f145f1be0452
beacon-iad2.rubiconproject.com/beacon/d/ Frame 4CF0 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/a1af54bb-a0f0-4189-9318-f145f1be0452?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563B78491390CE112D11DF3C205338A52CCF06F35CFFD299E48116DD282C63EF43DAFE35F650DC23009B544B642E13D3C2A3B72198245C41EF2DEBDEB7C5F3DA1578E6088CF4473F8EC72E3BA37EADC2324FBF7AE33DF68F448A4FE8A639FB92BF1558D9DDB015200B06FF514DB902D4657189BDB7DB660C0F4BA4807159A91CEC88BF63B0E6FDE79123F2190DDF4415FE4E1D638C8428AF4DD187DA6777ECE2E47A6CFA9215E7F7C34788F9329B0C6686B8E82A954C1004678A
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fib.3lift.com%2Fstatic%2Fbuttons%2Fedaa%2FOBA_TRANS.png&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=119&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A616%3A616%3A0%3A673&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=84&cd=0&ah=84&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jm=-1&tc=0&fs=203695&na=705036645&cs=0
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:33 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?oz_pl=1&dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&psv=2.96.0&_x=1
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/596918/analytics.js?pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&ai=575154&pp=9502&si=8062019&sr=5&pc=75167&di=dicio.com.br&dm=300x250&md=1&gt=6251999&c1=4945&c2=84215&ti=37000276533921298888890&cb=1686929730&dt=5969181520951367361000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sync
partners.tremorhub.com/ Frame 3D7B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEMBHak4G9SoxD9RVxr-xgYM&google_cver=1
43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEMBHak4G9SoxD9RVxr-xgYM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPy40egCGLyO2t4BMAE&v=APEucNUTXFNyun0__nh9gSpKrvKHP37ycC8ieCafJqKrI35UQCdBBo66Ei2tzq_Jez7tcCq3V50VlmC8K_GTYWa5wRKXUVTq1A
Protocol
H2
Server
2600:1f18:612b:4232:ab07:9ca5:134e:3ac3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 16 Jun 2023 15:35:33 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEMBHak4G9SoxD9RVxr-xgYM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 3D7B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELhJRIrw9MyYmQvlFwBdqsg&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELhJRIrw9MyYmQvlFwBdqsg&google_cver=1&__user_check__=1&sync_id=6ec148e0-0c5b-11ee-970b-1cc82ed80303
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELhJRIrw9MyYmQvlFwBdqsg&google_cver=1&__user_check__=1&sync_id=6ec148e0-0c5b-11ee-970b-1cc82ed80303
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPy40egCGLyO2t4BMAE&v=APEucNUTXFNyun0__nh9gSpKrvKHP37ycC8ieCafJqKrI35UQCdBBo66Ei2tzq_Jez7tcCq3V50VlmC8K_GTYWa5wRKXUVTq1A
Protocol
H2
Server
192.35.249.137 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
272
content-length
43

Redirect headers

date
Fri, 16 Jun 2023 15:35:33 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
/partner?adv_id=7025&uid=CAESELhJRIrw9MyYmQvlFwBdqsg&google_cver=1&__user_check__=1&sync_id=6ec148e0-0c5b-11ee-970b-1cc82ed80303
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
193
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3D7B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmVjMTQ4ODYtMGM1Yi0xMWVlLTk3MGItMWNjODJlZDgwMzAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmVjMTQ4ODYtMGM1Yi0xMWVlLTk3MGItMWNjODJlZDgwMzAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmR064CEPy40egCGLyO2t4BMAE&v=APEucNUTXFNyun0__nh9gSpKrvKHP37ycC8ieCafJqKrI35UQCdBBo66Ei2tzq_Jez7tcCq3V50VlmC8K_GTYWa5wRKXUVTq1A
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:33 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmVjMTQ4ODYtMGM1Yi0xMWVlLTk3MGItMWNjODJlZDgwMzAz
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
296
content-length
0
usync.js
eus.rubiconproject.com/ Frame 34CE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74397
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
usync.js
eus.rubiconproject.com/ Frame CF8A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74397
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
usync.js
eus.rubiconproject.com/ Frame 2A20 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74397
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
usync.js
eus.rubiconproject.com/ Frame AC63 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74397
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
pixel
cm.g.doubleclick.net/ Frame C1ED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tN1haSXJGRTJ1RXAxblcwcERHNVExLllJb19oeTM0c35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tN1haSXJGRTJ1RXAxblcwcERHNVExLllJb19oeTM0c35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXEvzGjZ-XKVbA2hwrbdhvNsbJ4U1JQZa3hJHgl08WLBDbiMgRD1RmQzzBJvxRkMLWYPd8aA4ZKvUzsOSFYDgjf7KG7lA
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tN1haSXJGRTJ1RXAxblcwcERHNVExLllJb19oeTM0c35B
date
Fri, 16 Jun 2023 15:35:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ibs:dpid=771&dpuuid=CAESEMYUk5bfedgoTjijFg3nc7g&google_cver=1
dpm.demdex.net/ Frame C1ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMYUk5bfedgoTjijFg3nc7g&google_cver=1
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMYUk5bfedgoTjijFg3nc7g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNXEvzGjZ-XKVbA2hwrbdhvNsbJ4U1JQZa3hJHgl08WLBDbiMgRD1RmQzzBJvxRkMLWYPd8aA4ZKvUzsOSFYDgjf7KG7lA
Protocol
HTTP/1.1
Server
54.85.104.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-104-179.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v048-093cc1190.edge-va6.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tqxtzj2nTTQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMYUk5bfedgoTjijFg3nc7g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D9C8 		323 B
151 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNW0dfaZapr4zFIeXOV5XJ2GkwB-4FsjkfTOYxmK51Q-E2jua1_YtXJmEjdFKzuSgevNVy6AjnCisrQlyy4GrLTQiTa2BA
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9939d1a7423140250007727546228736920bb1a9191c6c291e58a1fdf677c56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
131
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8779 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8779 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVkwQymnLRDG2Z-bAcu9sR78EIbH_qmY-7HWt12dDfTyvuWUtlFtZ89EXQ7_mPJ2Pok1IwkoOgdWK6hkdzxRQ_NQmY2Ad1cEeqcbJ6YIKySv8ACbE
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8779 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15107947211301724889&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
61eca85d-a263-4d3f-9ea6-7a52285f0ee7
beacon-iad2.rubiconproject.com/beacon/d/ Frame 8779 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/61eca85d-a263-4d3f-9ea6-7a52285f0ee7?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563B06E4879A9848A25BDBF2DA2E80781DA569E44ECEA42574E4F57FC1C4FD29E4CAE87ABCBEBD27DD4A544B642E13D3C2A33758F3814F7EC36CEBDEB7C5F3DA1578E6088CF4473F8EC72E3BA37EADC2324F16F0BEE87CC029F442777E267492D4AB8CBAE6072433FF5EC0B5875F3A9EABFF6B544121586C252A39C80475A490F8C2BDC08ECB0D3AC650E7F64A60A46F22E2DA2C0D4EAB5E41651370C7EA7E99C5407A8A400FFF738BA5627AC059AF5AA48ECDA10306204D320B
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4BA6 		599 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNUx2lxmWi1OjBKMICDravOMllMtMfpTS0dcnSWoaBtooEhMQw4Remogt0-cyYqtjw8GtJ6H1-DHYwN7UKsPy7Xeat4Ilw
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 90E5 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90E5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgB6SOD_toaAwPXx4MwDYFt76QNNW8DFw4epbT_RMWXILPdp8Kvk0zKA9z5tdkEA2nloDO9bbZLKKxlPGGctBo2S0E7NvUdS8CU9dpD6K9s695vIw
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90E5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17805734626571072008&x=8&ct=76
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f81f60c1-1ce0-4f80-8e7a-bad389255b93
beacon-iad2.rubiconproject.com/beacon/d/ Frame 90E5 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/f81f60c1-1ce0-4f80-8e7a-bad389255b93?oo=0&accountId=17210&siteId=397268&zoneId=2226136&sizeId=15&e=6A1E40E384DA563B2835D52298E81E9435C40DA20B7596CBF2B17CECE1B1830380FDE6405A38A48075A754BDB1E46AE7E9F89206FC79094AD9939B36A9C6F27A47E7487E7EF63BEE820D9B9592B2B40DAA57DCBD924C4BA318201F004F9CB2698977F1C6577E50BEA0FDAAA192B673C5C0B5875F3A9EABFF6B544121586C252A39C80475A490F8C206479C17553A6482D9949137666A9E43A52F421AD4E6C10CBAE5448448322B7E002E5CD419A8FB5B3FE5870DED9C27A5CDA10306204D320B
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929733198&oz_l=239&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B88 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
index.html
s0.2mdn.net/sadbundle/911325707060117504/ Frame 05A4 		319 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edd40536f9ae7dcaff774a1fddf4b78dcbda027dd4d830f0d931949aefdea7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
expires
Sat, 15 Jun 2024 15:35:33 GMT
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1B88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ4QKZtaKIUWQgpV1Q1yYbD2rbY-IaTrSo5DCHIZUp-8PKx2Slajx0-rV58GDV8Fq0OrZxiheXUypthh-kxJjnVlG5PejAykckasCRrgQ9QGXNnLST662KO_dGIoLAz19YKPwBwMIxo7ZZ6gX0gLnaDwBu-57cgrxobCQ7sBu3gVi5Hh8yEfhwPUA1Lv0QsXHGZuW6C9tq6bMOAT7OqumU7ksA3Rw-y2FhDQmVe53JADtjGEHvOw1QpRa37bnxZ60zfMQC3EiLisTAhuIewFuk6yWlwxDQijYROygngRY15B5w_M4vQNRZcMI2Uzzk2xRpHeXojBDFQhSE_hs1qPmvmyYUIyeuEG1SRwvLpdZan6aTCj_LNp4De4N9UAufS0iTK3jOnPeJLSLNXddkNb8FYBFpuo-vOChoZcIlf0zFak4oQcAi2G0kC_WCvkCmqWSVNnpYQ6hNphNfNDYMqBUCGgHnMlfHqeMpUDAXaaJb0tsc-ZcPPmglpj7YupRpR58TurMKFw9NwmG_OdFW6uVJWSRktgesJCNc_wFEPTmk91MvPEmMZEadU6XqAsqTZ3DsduUAP0lkNXkE6zahcvNY4-vtjVSzu2OHJHyDkiGJVjlWw92WjP1Hg5gdHDye-awOzy8lzosxellr69xKXJkz5RnoBPerRdKTFwTA6I6-2nsGQ6NIrXSrBHChmVqKrTkBY3Fo1EZT-qM9gA-1tb3MKcZeO7bUZ-_ngJP9JmXkY2R_Bvc_pJVcLpluG-KZZ8UnhAFaSkT3OxncaJTOlF30fRlKc7FIzK4OIy9pi-kSFrl0wg7dGS6DoDPnJ-DpJewQ4OQsihEEAG3lfd0ju008ShUL-QoQb8fRwlRyAXgdSJHDNgh1pL6ioW4pN9UDcz0-1CfrTbZV-sNVHq_yl-tTpPp9AzxcD1nyFqDYnXOyZUI5bquTGo0JMcAIJOaG6kRpAk2kwv0d05OmgsRHLvCnIpZRPZbQFV7_bcFJu20liknnCqg1r2bORaceEkpfz3GUG6u_nYKP1w2598-RM4J02Npz0_UAiFparWnpV5eLNX1ZwRJHwGjtHnGXrn8bgbrNcppgK-tO4Vq45_31qdAFZ9_IDmYHNfiuzOMbB1g6UaglFLoGhlsGuvFjJP2tpG-ptR4bxDSs5LVE5x9G9jvcllxCQ6-bzGH9xuboBMa4&sai=AMfl-YTt_2wxWvIqcAed8iglX_Ba0NXDLaQR3CN4DEwne_OxRNGPKUy3nK7gMQCUvcfeepJJDWj5xBMmsig75mwft2oXLm-jHKz2Uxr7N8qZLKhkr9tF2cshfAk-Fl1WDhZS4OY6l2SCgPdsDMWcokHy734nhoSE7agNab4F3680L6yjMv8mhnPKTmhWOi1fuhvj15mauvU5ZsLu&sig=Cg0ArKJSzN_wGkbJpzHJEAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=329&cisv=r20230614.72042&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8296629820691&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8296629820691&version=m202301230201&ct=76&x=1&cor=1845350794517337600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6FD1 		70 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0J5-5VcgxcNigzkcK1YfDpnXbNZnpX9tpFZ1Q3I7cmpzNhcHUzVLN8HLdIosPLY8VPmehIdwB9r_gaAf1jZz9hRfDSA&cry=1&dbm_d=AKAmf-Dnr60Ut4cf5D6KA_2-DULt6JN7BtDG1QejKN7_QxaoFBlrCTcBpfutIjNSqAfgc6aiH_gU-ChjvaASoit53-VgZpSNZzSe3YJ0vr8Q0lWo4IfEXLwId-tEPHDIbKqz3f48ZE6FwyOeMyaVLC5jR3JjHuWdiBzrsC2-ESR14Zl5msyc2fkJWhi2Ze4ZwxYpZRZiBjVFnd6_5Or1_rhq-iBS18vGE4v8HEKMdgpEYMPKh6abd1ebTlTDGt0eD7uxtfXVA9wfR7NYmJhKP7Ez-JkSvgRvvfnu09eQhj14o7EKk8aUOiommKjOBARcQ-gmiEjxhJM9gAXrxpG8NsUR60jHBpA0c4leymyVo4TH6jikAdqidkviyrsqMd3Sk1u8IqCUbKu-a_-R0L0QwU_STzcQZBotLZAanS11tx50HmSrVl-4QcpXSY9j_Ae5PxlCbmhTZW78vbYZZRw0slp1jreo-dz4JzXMaB3qf5olo-rWXIpl6LC3s33_-DfeOGmTz7b50gHBe75DnuMZVckQvP7AWCocXY6N0F_V8_HZPRCIsQdh_hU2Qmdeiv9Td2OzttxaIuhsVhKJUYhGRsTdLB8K8TDHWifaI5eeOnV8Ig5lqJTbxHMbrzuTI-2BfpEUwXkQaQNIjYIYw_4AFNd5KrU2EC2-g9MLGu7AQtVXVCuGSbyR1kEDsUNgmAPUd377RDm9LfUZ0EsxBPjPU_ahDa6qTl-07Ae3TeB9WU321v_1GphQD4UXCaGQDbS-8Nnvkk7HPAjHq75ShpCqyzFeEAuk9TYCiGQbe8oLxqOt85jlCrfkT6weHGhYY9m7C7anVaaNOy2PODPC3air71zN6v44RWTML0EqgVmA12DsQV1GQQNl3R8LzfiIc1_lPvVf_DOYIqEJ-peXct00Sbe6fGUf72qiuE803mZlX_jTh4QXGC7OmkagaFQ4fFh7BqHgjzERm35mq8T6hu1OKNX5UoKCCTqvghGhpwO_2TzCyzJhvS9HtvqmV6jjPT-eyy9LbDSmQKR6hHfxt7dkcUk_Tc6HmgAKj3nd7LCWW7W-z8x8D8iTfRRWSmgPY4nCJqjwoIFgnFgj7BhGmM3jw-uh-qKBX1zvmfWVchlxQZz9T8jT_qgBGTfaaWB64om7iO0RWDRYdzPkgdcdfTZlla2EV4DPFiaW_-N0xMECgkXZltG91kuDUODllC3Ar8yUixS1BlFP8eVmuVD8l1eK-MBcALJSQV6A0hKuKn0zc485kPyNYgYXXH-p3aLL9ctgc63DJ51lDOQKxj6PO2RrHpseEC487xlz3Toy7zC0wGRJ38RMJ2oeGPwWCp2qBhVe1pgI_GqO0UMdWtwAGto0xNcx_hvBkFKBWug1yyIn_z3el55VAFUVHPz72gIFc7pl89mWqDEPH1Lzi4RkeMWipfpAyhSQPlBl2gDEKM7YBcb0wust9WtB6JBnzcz3n-pKwVddfuPcYQmmDRVEr6ySdXLcfx3yqc9YHSJr4KFm0LQaNbn10xOfJQJD0RCPNDY2Li298AiD-DulSeH7c6itoBar3CFRMEiivROGuyXt-V-tYuz0FJMnvOGTI42lb4bfXo3N6n2UAnlZgFHwl2jOnvQ3gMtefCxibjgf8oj7lNtNvrchUQz9PG-o5qEL935_UQmX9-0qlg6bZAgEj3gDTSo6U07RECrz28-K6gox8zs3UgtmtEzdMmgx94-sQr4PLLCT3NKTgm9TvJlXqCCH8LdbjJ_xIvXjJXzqhFv8-qi6Dd0pcrA24oPlqU9zE0Jy0GSPfAj9Jl55D0bMsFn6zT6go0Nc_ySTUMrDteuNowh7loJ3aWH6wsLlfmqdibdnc41RTDKv6hHhU7F6pRnPLU_QISvyvE6SQVxYasLq2483h9epPJHx6DWAGLHKcz7kv1_kLroaqyl4ljKW7yn7AwauZfPkqr9IqgQM6l9PPZA0w2KUpTTbaQuYqcuWV63jCBgnCvEsj-UK6uJwh2949lLC4QxXTwZZK13s199L8dUfZvpBHNdLcrN9crv3ntEvKDVeKRQ8fuilA5TRoAcX-C1WS2SfxROTS6y3AqCPUgSul3_sxcuqlKZ4xfrJCb2LY492jMuLUOh6uLYes0hipI63S9mYI0bGRkKlnXsRLSxbiQPpw7IT1j2iLWN_TrMn9PjclIr3Yov71yIufa3Wrn5KURZcf0cIceUc26qhHm_Yv9NAFBDsldpTzgdS47REgyP6RmOdFEt4hg30QpseF5rv0KDDaEoOe3k3Iw0P70l8m4DLTKq_KVOkTctbDuAGw9N8NUY-gYDVf51MzjfHPvM82M9ZG2Lh6V17GYP8F8tC3l4SlGnfJL47cTx_AWNJ3vsmoCYry9SJptAmGsY1TKujMDcwROxQGcKkD7kcfiS4YoVcBAEuJN7kN54zNcuVXi9sux9_YwR79zvaROlighkS0t1tUMNo_RiJvM7ew3mBegigLRGJvSa5e7YhsUT1bqKXmdtFZWeRw6rP_0ltQ4v4aHFmtIa5yr14Ba649mvlVyA6l9CkeX6e3jfGgB2eDYPcDzvppWuLzy7-NxWjCzg0BaXWgx28OdDYxjnV24Fq4zK-MTDZ-YNZF1ENzXWKNrPugyw1LUXLK5mNHJeIH0GrcdOv--vz2AcvfQ_858caV6m8LW69T9NJvE85dF0zlW6EZOYEy4a6qSqsp8c0TKYNaHxGlf1VXClpmC4PKyLFmcRa_89-TiDvlSNs6bwVf1FvdJzK_kcsRoF0VnOXMXnkadK5XTY9sMeeBnLr-ztI4Kh9fkQcM-b5i0VJy2Tthkp8ubAiu89F6E83i6T_RPC4o__x5laRCCbZznghH4-FgSbJd53HH_I-uC_MfoZXlWjhvknU2BzURGzpeTCEVHJJI1orA1k6rbw0hF6uUzNgy1qYkfqj70vl_b_aBhXaNNspFJq_7FYH10dId1jxPOH8G76fB2d8a2qRR6XT9HbPhv7chvieMo56Ngr45gmQ7qNFTRhBvChl8ER6nRz3EjjjQOmCehxzCNPNAQF8I8nf84dZesiJW4w9bOOPKkTlqVDiPb_7AVwa6sJu01QJqqQqeEZQQzkayM2ktAl4S0aqsRyewD2DQPvINAQlOBuEd3DqpoqdXPKLXtXu9UeNYIrNijE8KUbce3TsUgGK5bm1CPw95MFaKF1VvR4XLqmVBIv7jMoXdQ_7OVzjXS2KAazBvnF0t_Uqeo-gLjW1VWQWR95xqdKt8GrF-SZkJlvaejQ4rDPUSFwKUe7_1ze-zrn_IRcVum1OX8pK9H-caDpLAbJtsE7t5kgY2uE12XI_d6SHg05cNY0IuHoue_3YxkoROEdmSozZmKXjXZpvmkzTbdJMkxoo14zKwKkVwbtORFj7vTDu5VuB9cFKiHfylOiYfGcf7W-tHw&cid=CAQSPABygQiDl7ZBT-dNvNP_Fhz34tKwW9Mk7AtkbpLaD90pK-mQ5Tp3c4jt2BylvHHHBWG4YuscmtgGXxKCbxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br&ds=l&xdt=1&iif=1&cor=1845350794517337600&adk=3507907208&idt=127&cac=0&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d527aad616366b4b068601996b74a6145c1c83eaf1fba67a03b9efce098b22cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32308
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5071363388619&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5071363388619&version=m202301230201&ct=76&x=8&cor=8407216993199261000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4CF0 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwysVDTN0-O4CuLYMSF_GAmtAaD6gk5WTFvH4kzBGCVga3omsPO2w74g30nYReK8_KsFK8L-0frmCi4k4pj7DyuW3_6BjX4HvPpQbMkNYICJBg0wIpeQZB-oE9SpHHGiXXvjlXog4GaZDT2GjEZJ-zHOQNfnhqbs8qL1Z2q7qkqczCt-o&dbm_d=AKAmf-AhBf-11oZdPQUg-zDtaoMA69-7O8k2lQ95ysucGHsZjM2yi6lirZCOtHpde4XJjQJTk21Rh8WdYIenku0Yii4aX-OK3ow0TMHHqp4d3rPOlVkOm8MleMw2Tcw4pF68KxA-p6-zaNZWbI_6X3lcDWHAnXO5NK0nL85KBrAxKLctrh-9xt7e7J3xHuVAGZcbJuU-L7BUpGqimn6LKyhGR_iC7LrQ9VY3ZlgoIAv2HvMEvOJnkQ4Ve46o8XZvQLpp6Hr8sf2Ap0wENmykjoqm9DbjH50Xwm0sd2kyZiC3XBsW9_oXrhc80kmBRg25JZG8ITXUS56V1Va2VFErnDyEfTeu7DEyCkrkZfzFKnjL7NnOZPSu8Kqw4KlWNnTKx2UlL0v3bjzY4uImu06yBdCatq02bo25HRXN3_zoFk7N8rdp7IRQ4k4kmVUA6UIolH0D-LIeKKz-L6l_TRv469UsfLpgmlB7VO2eSZbzzxHK5IYb4t4k3mXpCDrERcEDVoq5cNelmeaAJxjlPFP7kNbZm5ehLUjI_RZL8I0cxyGicgJn90N65fx7jIziNYjspbQe8mISsIBj2PNEbsopjhhZW5fkxlsg8IWMjXXAfwWgOkVkzuYFgwOpKhJDEm_thK-_dcq-in-Ni-MfUK1L1ArIW340XWSyRlQ4a47IPiWimZ2KcwgTPdg8s2qqSZfI9ByOwRBSIG-ZsvXjU6H8b7AQUAihmobOxClDx73goMVkEODVUxNKUTtjwDLUfSNKR8eCAar1lZHRxqTTNL2k8_PalwgWHMx2nn_RkmpHHVAk_rkPKpOLfLCmNOFtGP-jut4ggzozuz9MhKC7QAzlWzjlfq6bYahArfmf1AbiZjIu17QiqvaGbxhsgiM4060qf08s6x41tZvyWQWBEnJqozC-PfysuAGBSrnUOvL_nFqsYIgAWhiF3wD_MjQUCMfmAFVnaQtpd2XKSQKa7N3e5BbQi7MphdEv-T1axIrHP1X-APz4DcwraW6ok9ZxJ1UvN3DnPLEB1ByiJLsMkEQfMmYpMPPCQ-KJDY6csBjEYp2OP169HxfDGtDe-wrW3R9KrnYBKob_9iUYu1D9z_5qkzfm4-Rh1LZ2104DpH_tPG4m7qwJf3HyOyXPyVZc026wINuMzo1--UPnbpVlJhAkoatcGzncYGpGyisuLGsgiXEMZm2yW3iC0XK1omoecVX-l5ZnzIJVnQeaN4z0wWQEnTSFg47vaZUM9l_1tfpYoy7ncvZt9w49GaDBc5ZmwepnT6bZ6Z3H5zLStbdlIQzn6Vc_PpDFJ97fQtWt5W6nTb__qyrH7wcDwtkEjXdf9doMFXDxeDcoSmDKJCZHled-K4xNvTkNreIwMxVA37ZaiRujwI6YQoUV179zL_IWRjm1XKpmKXRusDdIcwXC9mQ9DfbhIF8j_lwKJJkcV-N8pAev-pPqHUm8dZZ49RgVkYSrYEFXvMiiEjZPbS9qn6cm3pCxIJa3MbwwxCpR5cmGNZzskRuzA8oJYGnd-Dy3O-qT3PM-4PVgg-0AQc_0Gl7rRAvUzzIOmMZct1I0vMhhuqv9UUsNHk9sXTRiscXZU8LdK6jW_i7X5rRnjVNGYHLF-1musWvkxbd1nKYAgRTh7TPAX1u8S7CsBP52PoBud6Mu75KOle30iwM2Tos8fYuB2Fj7LkCgtNhuuaeMe2lZ-BU2FZEaZet9SKC2n1khziE-KqmHidswCgAapM0rs2vx2tIvDql_pgPXjPOBabTEJ-aaLgjujcPpbCqqgJCVhhU1gwPvtiOCBqjdXHxwFmwg5Us3G7iuKQcSynfShcK6RM4EO4KECnCfS2G7Rput6x8jsK5ycTNKkhMNJv2gDXY0ITLdVMLBk_5UmqnnQ-8Ok2zTXnPQf9P_4SnEtxfMKx5CmjyHUcffLSST2pfTwZmj8pbFOvjik2U9XBsJVFwrVLuUaEutHT_254L2Gm2VYI1PWch3adwqp7lJsSTdtnOHBfaMVgRVBi47oIlHSwlyyoZfb2Bfy_L03B8_2zlSFTF0W7eFmuKk0XiFfYHx0tVSpNSE_QD4s3rkpYRGkbO3Sku8BMW7F0-olZY-qiQcSCWSbpD8VxHIjfUiTwR_Tb2uB_l5jc5JEBXbwgMU1Z1UrIsH37KdSPss99wVx3w5qKmS58Hcef4d-Nsv2qsstyamclSdjNWsxRG_mQKj2ypOuuFwtkNZnDtiTinDcNZtMaN5nXWMiwXEZzCwRDomQA5QuvUwv2jXB4uyf1Za0C9TNWwoeYwtWLJumveVH8n_21x2AK91ix1XFAkAFgxjWVdDk4PFdo8XRLVVs2Z6VZhBEH6tDOMxvpc3d-R9or_w-RdeIEwyA0Zd5qs-vU77I-LGkIV48-ej-ICAlD_WsHgoapBTF_H1nucc8xfENNR8-VdoVSclc7owXwyYwo_ZP0BOLl6lozPuPYCnEXlNfZROl4v-7Hoy4e4PZm8HR83DBgUN0ZcpvXd9L5FyHWgbEvHg2xyyjDJluT_VYZ58BlWuHknYI-xV9Bc7WPR2GLtWUslNGYSU9euFkKsP2-bMwyXg_0OEVQejrj4AViV_t7t3tgBZPcpv7r3LPfeJHOsU5KVLq4lc_rEvw3ldGEJBw4Kn5elxf2MNoqsm3tRsRfE052lqE0_RnYhg2tGnQEqXOEjnHw_T9uj88MGMGmka9_x9_2TJkJcclE5FUlgb7y-co4_GdTv78F7PySa66c8f8IQ4NeybyPl7ddrOP_nQWU4bbrQUWrcMsaMFinTkPLNK6C0LfQ9FxZY3TdUSP3jlmhG0fnzPeyErE-qPrtNz5Jliev7zPPardfz4X88A8nSXOJvbRGu771_CKLf1SWRAAaAMejLiVohs3nje1jSlU3S_QwmgBSlzY8jUHIE9fHlg_4xzomU_6wmvuWTIt7Jn_WeLolD51RMOcbOcQsI_IJ6M8UaGVw4XpjdLy_Lscqea0mj_g5g_dgIehtDaIkLD5QgYrYI5YhyHQol6sIfZcyQ9rtU_ZuA5u1OrEOK8eU5MXQBrrDIFtf2_22EjhSv_X2KVf4xdI65SfzydFMpscUh58wut9rUsPetdMMt7tOu2ppWyicK__tiiPKIzRIjrbWdaDTAJ8chVXs4LLcfFT6VZO38-SS7Bq3xwHMKoTTJmnLwanMs4HXndU5VeBHg93GrGP-wAEYC4iTJr3TjnKb5DNLrMdimDCPhUHCEIW6R9r4E7j8i0psxMknAtYWwCO0-o7BI58-XrqHGCad1Cs1QLw24tQuNWSncNLWm-isivDHNcDF8ONjjCueFIHy3GNeGxDNpyjttXQUYQnXG7v2FNeNA4Tt-t_Tp-_hF-OwFo--POt9zig66chF5jRjiitycU78De3fYAFQ6mjzkDU8uktCCKC5AeqV2A_3UWrchwg8HL3lACV2rHZPk&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiD3hWzKKMPON0MCpxDBsO5_7Ny6iS3JpXkwXSblZgGR_p09DzwGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=8407216993199261000&adk=2119884477&idt=80&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78621720f40f69ef7d38f1fc3faec996e59c4d8774a2ca5ecf3b1523a5b1f89a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37850
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=271&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A0%3A673&aa=0&ad=84&cn=0&gk=84&gl=0&ik=84&ic=84&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=84&cd=84&ah=84&am=84&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=-1&tc=0&fs=203695&na=37489033&cs=0
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 20DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306120101&jk=1793647499183307&rc=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 90B6 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
index.html
s0.2mdn.net/sadbundle/911325707060117504/ Frame A2C4 		319 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edd40536f9ae7dcaff774a1fddf4b78dcbda027dd4d830f0d931949aefdea7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
expires
Sat, 15 Jun 2024 15:35:33 GMT
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 90B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjMRMDfwRETmAImcdQXOtR33aVhPnn2kVj3qQIj8ao0TuQ4crTq8cU9XqdXM3HGM3pmQCQ9d-QiyCUiu0lsc0C9x4NL7CSL4e_Nrh36Oe7aiywGtn1KX9ZX_yZ9pSGODM1rHjXcyELzuR4pTGrF_fONaRL9XX8fGo2EYUyINvekT1zMFbmrUuRD03X6pTgijbEMUySODLsua5E8DBFnRQLNV4trOtV1yu9YNtqGk4Z9VS-AnWLq-ZesJflqVw55C-L2wiUSuE5IG9JCWQrWVxW7mHYtrT_43Fgbu0L-6mfexzFwEAyBD9YFfdxysm_M-JvszhO--pw02ODhrQP8u9ZsfoN-b5Z1QO501I6OS4sQifh3-KuxSuhx6n5-N7TsUBcWfv1rdakwmyyhnU7bhLq_7OMaBB2PxUlE9HiSkI1oqHeZ9tZhmvLsgGJ4IO0a4TArV3Ni3pBgtj8C9-FWxc9jsMS4pabVIww_ryg6nURq1s--l-cgyrGPQwarVk0zRNcdSQ9AY4zG2Wi3ZHivrh4-iCmjuQTkmhQY3MkEDEPsg2c32pl-_RUF8NTihtANkbvepCpmD2Auwppvxij3r-YAd4qahwUxVcbRbV1Gx47WG4kjRE2fChzeYARKgo6OBjShUv9XJ7Cf3rniUVQB-HMwtlb95sK-fEUlxevJ1dRJsSL2MbiHYOKrWFhkl7nLz3UROEvQjtzx700gbadaHJXnjBfQeQBQWEk9OVz8jB6q00E29powqzNpq4-YzwZ59gtazZsTDltFLloXRMLS8bBSuMODPUOCUFExY9rMxNFVdK1mzVzV5jflbB2NE1vdOFUyuzcJFZVdpeuH5kJIxG4W_ApkXK5QYPZ-BKtJVxsyBJLvnA7XEeKLZegwBspX1uci5xLWjzLr8K_VHV8Ol__58lwaCi89Z381NRtBhTXL6poeFW_23nB__W1IGlz_8nefkikDLdCbVjrV_lEALOLBM81ihgBm5BtgF1VjecYsOUIeJTdwNNrS2tuDf0yXSmdsd4y6I9RTJ16mUf0FDQqPc8E4cZA6v9m6TqwhMLSBtKQ8t0MKA1Rdf_XNv3_aGBH3EdBHtClVdc7aMkeAGz4454UygKWruXgNgx_JMbqpD8f_36I3J48tz6Yt1wJWrncb5WozgvBVmVVKligDhD72mjbsTcRMShdVkg9jaxw3Go&sai=AMfl-YRjiLBed3p36al6nBUdbfrzB5mwIk3gP3HJ8Xyt4lGyQ2KUs8HajMhdjchPkGGUSdgk-Lup8UvsyX3NiuENcdq63kLz9AxdzvqPGZK0546tXlMJAPdBHMholfIuOif3TIPw8-PS_X5nl0Gv5CdIjpmS7eQl2IRrTWlLlyXzgTt5nMvZoyw2-17ol8BOPZ9YwyfY59CS2T6R&sig=Cg0ArKJSzLISv_IcwE8gEAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=452&cbvp=1&cstd=441&cisv=r20230614.52154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CDD8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CF11 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
index.html
s0.2mdn.net/sadbundle/6720283131112325120/ Frame A79C 		321 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6381b4ff1dfd889a928888c5f06acd19079c432a9eac74763cd84afbdd7ff1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
expires
Sat, 15 Jun 2024 15:35:33 GMT
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CF11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAC5ikFux-v3QJfV1yyPHwk8OqFoLr9WeiqAey1oUOXypJryqi57BeK2pCDs3crHh9SHsSKgW2bGLKjOHhtF_oTfEMLTHyrsUZRTnC9wQYPyF8PkE7fufmfRcS5CihdkVhG_1BUAeYQWBkZctbrgShJ3VAOCJyTScMob-CDx78jOTOfpmhUcW4_uC6ccWpE1XemoWDrAUq6TImiR_FbDUxPg75dQJnfY1TNly3otwOriEBJuM6F4SgCE6kMZruXoHoXHNz9KakcmaXiHcvPh64ecO1m2-Scm2hyACo-7bxg6tNLzk6X10jYE5-lJOQ83Lx8o-71Cw9fGqBNNFLyBMHuaw8OS2WMiXyrO3VzWi8p6I_TrVu3UwnHFsjQHj_V6BLIM6duZJnZBuT7_IIPv0uS7qDtgRYka9VLVpl6ZyQASJ7qg3MOoO5Z2tUlIWZaB5gA0xdxFipWH5keV0fSyrDVq7H5TIGhr9lAhI9Ubow5xcBQn4Ur9eTSPXjMfF3hGe6KqlS--CPWsVYDjGpRz26CcvQq1m2Qc7P3F-BRxQMXpAd6I_yJw6k_Xt5A_L9Rm3a8TlrqakjriJVyQS7soBGUnbD8D0XnGGfISvVOjsnG8AKqY7isCN9SzZKxqflfY1-HOfiIQYdY6JzEcs4bve803tynEcqWwLYn_KnEHV-wWEmnJnK98OwPTCN-s7NvUOoMaanWp-Z7VePknZ85Thy3fi2GyGnNFjpEt5q6u6LVF3b_HvAbP36cRrtb-Bi0NYMGV6q6NvqX_injt2GAq6DVymw1HlZ-einm5XdlebFggDwFc3oxswAWv4hPU3kT-uRdvu1MugsK3U32zeN2Da1ZTg1uDHI_fKR3xKSJYNaYbr-whEa6OVA-hlnM22SNHcfwMEJncbdcoET4uDhfC9feSkpUHlh3LlkcK-t0R1ZVCjPWwH08dqUyR34MznwLVndVFzMmK3mgVHrbavZYEUDB3vPlbRPy688mq4s9BasAq9l4kngLjsaqbSqtbbY--pfR72YVOgZtOfNfNTk4nssVpty5pd2Fj-FhqRZQ4tCMsxxqUfESeHpZ_tgdl7CpvC7cvQJAQydsMGNxLrbE3aDTipUlJseBrV26ZknWqtD9sYGvq_XFqAiFGL4OdeJTIO1zLphN5t-FyPILRuDbmcFQvHtfvJBE_MD4RNwSpOsk98&sai=AMfl-YRkjMQ3TymGW_qQLTDB1L4iXpBldqU85ior5gjdypUaEhMz9L0m8r0H2Gpszg2U9Ua_jele8zQOrcIDPRW8vOX79Ss4HttHVvdwfLbDcJEntU0DAif3U8Yh7ksfbPX8lNyJDwQnWObDr4dFzyeJexjPcbixQAQvYlVrs6Rmsy7HcU8A0XQBtZ6Z0ROTPnn79iCR3B2BpDeN&sig=Cg0ArKJSzHbmhFqMTksREAE&uach_m=[UACH]&pr=8:81198B6BB98A1740&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=528&cbvp=1&cstd=515&cisv=r20230614.57006&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
xuid
eb2.3lift.com/ Frame D9C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&google_cver=1
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNW0dfaZapr4zFIeXOV5XJ2GkwB-4FsjkfTOYxmK51Q-E2jua1_YtXJmEjdFKzuSgevNVy6AjnCisrQlyy4GrLTQiTa2BA
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D9C8
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNW0dfaZapr4zFIeXOV5XJ2GkwB-4FsjkfTOYxmK51Q-E2jua1_YtXJmEjdFKzuSgevNVy6AjnCisrQlyy4GrLTQiTa2BA
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
date
Fri, 16 Jun 2023 15:35:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
bcp.crwdcntrl.net/gmap/ Frame D9C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEKuRSSnBN7h0_VI6rxDO-p0&google_cver=1
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEKuRSSnBN7h0_VI6rxDO-p0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjUsfO3ATAB&v=APEucNW0dfaZapr4zFIeXOV5XJ2GkwB-4FsjkfTOYxmK51Q-E2jua1_YtXJmEjdFKzuSgevNVy6AjnCisrQlyy4GrLTQiTa2BA
Protocol
H2
Server
52.86.219.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-219-236.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.67
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEKuRSSnBN7h0_VI6rxDO-p0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 4BA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEODdCLO1BwvftbiuASdyv_8&google_cver=1
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEODdCLO1BwvftbiuASdyv_8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNUx2lxmWi1OjBKMICDravOMllMtMfpTS0dcnSWoaBtooEhMQw4Remogt0-cyYqtjw8GtJ6H1-DHYwN7UKsPy7Xeat4Ilw
Protocol
HTTP/1.1
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:34 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1686929734276016-134

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEODdCLO1BwvftbiuASdyv_8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4BA6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmMzYThjODUzNzI0ZjE5ZWFiOWVkNTcxZjAxYTI2&gdpr=0&gdpr_consent=
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmMzYThjODUzNzI0ZjE5ZWFiOWVkNTcxZjAxYTI2&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNUx2lxmWi1OjBKMICDravOMllMtMfpTS0dcnSWoaBtooEhMQw4Remogt0-cyYqtjw8GtJ6H1-DHYwN7UKsPy7Xeat4Ilw
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmMzYThjODUzNzI0ZjE5ZWFiOWVkNTcxZjAxYTI2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1686929734238024-262
/
rtb-csync.smartadserver.com/redir/ Frame 4BA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNUx2lxmWi1OjBKMICDravOMllMtMfpTS0dcnSWoaBtooEhMQw4Remogt0-cyYqtjw8GtJ6H1-DHYwN7UKsPy7Xeat4Ilw
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4BA6
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMAR...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqmogEQtqb5ARjEhvO3ATAB&v=APEucNUx2lxmWi1OjBKMICDravOMllMtMfpTS0dcnSWoaBtooEhMQw4Remogt0-cyYqtjw8GtJ6H1-DHYwN7UKsPy7Xeat4Ilw
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev
eb2.3lift.com/ Frame EEF5 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=7Graus_SHA_RON_EB_HDX&aid=37000276533921298888890&rev=a75d1a7&pr=ZIyBQgAEP_wKs-bDAAyhRgogySRnx09nJFa-gw&bc=0.076&bmid=4945&biid=7169&sid=84215&brid=575154&adid=526855_ssl&crid=129866496&ts=1686929730&bcud=76&ss=5&caid=0&unid=0&cepos=0&ceid=0&cb=44010
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 862C 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
index.html
s0.2mdn.net/sadbundle/6720283131112325120/ Frame F4A4 		321 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6381b4ff1dfd889a928888c5f06acd19079c432a9eac74763cd84afbdd7ff1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:33 GMT
expires
Sat, 15 Jun 2024 15:35:33 GMT
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 862C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6a-3x0rzLDLwBdyq4Yq0AmNxY4aMD3SZG57C0qBJnyMBFd0hUqWqqkV4fTFwAjPnZoTlZ4Sg323xbch8Nnnx72TAWI-AJQBy_tjZKrxwfjlfrJcs_l7ZYTqYYLrSEUHQnA0t5vdADaNMJo69lNKIfZczzTrM2Q7cpGjj_S9p0Ae5AbjRMQCB8m-C3W4s-0oWjmFSLEaYn2MDWSbFto8J2sSOYSYR3KoHXF9VL7gc_rHrJ5rQaXbbTXlFs4tQUhqREZ1xjRwx9iJGT3KKFe35ClKBBOpE0LWf8ahrL79qre552UaNzWB6fl5qRJHutrMxXwsRLCDu65ywEQLY01U4AVE00KN8doXHgDZPhYhMkJB_pAJ13tDIEoWPcvRitZh7O7nepPnW6JEFm1Ex5rdjg2DhG8ncfBRE27MF09r-OPOGhk9uFwWkngek3wMqJXhJVH2vM4dOOinS1v7-ySqomjfMc_BOQXUJZtL9zX1haYsPoiGI3KdumJWqH04ydVe81bCS3-OHLBakcx093bLsA_K2ptNQE_BXR2FyFhvkSg7Elw-bnAYtyFh50ghKiI7YZldz-tz2lzc1xfvCepDRjQIDvIJsPTrSyljASj7Tg8ehX809Oullxr61HDmEJyBBuGj2f8xzsCohewIfjjqmhaid0pNc42UulZTEczVN40lSyVffQ7WDR1_t3Iqg1rtSSsGyWU-YML46DWiY7vab-XZwZx25NCfaugxtgFLJdHT2-_tDPFgATRp2W948vyZLDMor-FdkBwgTRCeSrB2frsriU2VlDCcAMTCgUKzInv2DChGa7oLtX5--TGcoOQyEm4_lPyKnGZ17nA4s_R-_TccUlDyFWR-gZv2zehD9uaej60hFLvhlz116yZG4lHLYdWsCeAjslDvFICWBRfA4EDiw620guCNMbWNxBwTSKbEp9ZVcgRprmzogINcYalXdlJ7NE5Stwez_ELBPz7gNHCjltQTSq3dTSmN3YIr19Cnkozj3LN5xeGZU4jsEkwUMChUFK74aZSxffqyMteTHqvgJvtlRId-9OkhgLORJe7y6eUAx-KvpTbd6ARA09llSpAP4r6AIhb7ChFcQMhmFujJhaEhcHVbZgZmQmra6C9M2yh6KJO9A-Zd8_KC37xehbRWtxmWWans9tBqPzZUuJmw3E8_UrHz2RUqAbm1SReyU&sai=AMfl-YT6HJ7voPWZvt6wDgYhoa-Z5aKedu1QwXwERJoZmTOyJrqpmwG9HKdnaciddiL9rrqAUk1TS2GXsuZKz90vQaYY34mTygS5sH1flYXLUuLRjYZoENuSj99nOIMyaopv2GUpDza-gB1-ygRmZFntIqmDhglQEhFHqbQT8MRdCtVSERYZplVWi4pEQgh-ApfkWiT_ZmxcUnhW&sig=Cg0ArKJSzPI66ejNfLN5EAE&uach_m=[UACH]&pr=8:81198B6BB98A1740&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=584&cbvp=1&cstd=569&cisv=r20230614.15335&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:33 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 05A4 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AD81 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A2D6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 536B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0627 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame A2C4 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame A79C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8779 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1357984827745&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8779 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1357984827745&version=m202301230201&ct=76&x=8&cor=15107947211301724000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8779 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUxPSJgUy2V19iNWKIp8w5EacNSm2DaeW5D5R78Eo_UcBzWYP79R0MfWy7bkcgkWAWbhR71nonZBiNERDEu9KgvZJ8iEQmMlpl-_gbE37UehSKIlZ4LCm3KoS7HVqjgju3Pm0bMmwHs6QmzvXT7EWIOilk9nXugxdE5azUC3dmoQtec9Q&dbm_d=AKAmf-CtUIlsVh8zoPcWlqUgD8QjthguT0rhr88Nqi4FjuvhKO1cUd-ov-GLw1st2zUpML1Y39fXrUTKyTf5haV_89hlxQPB4J_yuZhS8ar_eonZAgVqYOtCJ9l8cFeXWDD4TANDgu3AvR35rOiEbw3J4PWuJZxkS8ZXZ-CDPufTB_dej_erbXjBuPQ_BGIMfUHgF4umYkOGKhVZulqMxfgIvyvm4vfeFqu3bbZLo4yGstvOBp_BXhXqtFJAdJzyBUmTdPntlO1DmPjT-HjP-JHUqHuAlOzTRuNCBWaHg1QNxJ2YKJds9lCwMa0fpo-QeFn3xcccygarQtzG7IK2XpBGzXsjmc3LwUKgny1jQVLHGAnKQZkGpb0SOz2kCh_noJBEJVsOtVqiBV2T0c9GIykZ88rDULnmAu1nctG7VJ-2YiKSKl25A8c-kJgnbgn5g9Ro_0ETQ_rmQITSQ4Sh-tPHLjC2KKRwZ-epNdelEyELr2mEwkvjKhSsBjuHdBcoGTZvwhCcp4NHf2Dkg4sNsNCSFX4FEAX06qbv17q8cziSWW6WjMVEFMh3s2pzmlk4MRnLW1e0_WCYNu0FRhXtITEcunh4-x4wMnHL1Z1VnUagmf3-JIjqdZ_WG7p84TUyjd8yos0xr94HT8gItv2z0NctRxTfdVMF7Ck-TC36Co-ryhNqwmOe5N20HgfxJLu3aPmZVO2lEQaB3E5Q81Rx_0saJ-hfw7LskICEWDwDLso4GGE6SX3a1jbYjduadq9n8NkDTqWkQqX_3Xr0Sa7u4zx1FCb97pJv-J2Uw8i0EZKUno8LGG0_befNQrBGVM1iEr_NdW1DhBs52_V1rJnQQTt0TdDegi4JRFG877Wk88un89U97O9x730PNHYjDy_f3hPSSo_H1--B1RwDxSMG2OZj1Wne4Qb_QiBDWnCkb76s3suMty_MLXFWMeoGnfdLlc_W6hBifizx2RbYHQyE00nXU26wpKtnBgwHgkTJDaXwVec3Jt77sCDu9TMYk5lVHoIvjEgvdxkLH82juZ1E-oOKAjgjLXU-6Y0WLbMjuSQp-SIJ62vJGoTHJnAaj6uCn7400aypEKqeU_Zj_R9ADBtv1oV_vbRpUDib5hVUb_8qLRYAi7GB1z6iz_Gkm40rzuhFCDlQW-4VVkY3hm1HTJs2rOL_hPgrkVOj90pS6LQWwa0v_M-oxhxtPjo7ixSxiVQZqnioCq_zoUUePRl7cYAsjMSwqtlAh2onJd-acC-12SbdUWA1AH2szbpq5j-VcKfdsrJfYNj9w_ZDh3reSN2lWSH68deUKG-xW0Mh5jOAUX0vsTgXISweIxc75t_FBbqUGWAluBpCWGYetHNuBTQ079gn_P7nxR6_B-toDbVbULHe4eRe0xOaTkRSwaXjsRPj7Jv1sVW00tBlE-WZgJe3KrFnjR3KI4_8hedPOK_hPB-6AL16ZDNkSuyLcAqSYzmnZ9t19aZzhdKrjUKbkPUusAMOpq4Pl_i1sXH3wN8EzS3B4ozL7dOn2Fcvzwdl9gA6eWRa-saC1dP8MtNctt7_PPB_ws3qfyQK7BHQBW0TvR5RG9PV56mEbGzKv73yz3P02AAthJFnRpWHJha_2Bw2kAgfzSvqRt6-ifpjgbC-adHHC2wORQM6uLOsddKCmHOYBk61-gKYSK4t7afAiOUQONVCANdQsEvWRJMa6DsiayoBBZosEOJwZPOIz79Kz-CKzsa83AJ0XaU_DexaUIaxh32q0NSLn7iDfglbTeMiYNraWoowgdl-5KXt1KMIQVg7iGAiX6p_Pi_S0hvleOtSzebIsr7b_Q7PgCqK9UvUAD3rGqOo4T4F6YuX7wv5adCPJ815TN2tTit5FRlqNHVw1xvUl3Zj01aW4cUsRTaI_VjqgpUwgeUjlAxD_BOMW39XtRarN7PjBKDfZAqS-0eh30M97psNYzMjTfohKNx3P_NiiHvx6bJWq58lMacw5fg-vLO1i6VUZFwaGyF04ifwxsvXy-NJ_cws_fFZ1igYyIyrCjwgyDnYd8e0LGkgZbnHPEdhjY0UmpEoVntio53FqJFzRGvhCX79Cb-gXJKGWC00KS44dRT2PxGw3mvRCphB8WL3nNbRI4S6vYQvWl8YZ-1ka0pMjHmE1QtZWrkdCSDkIz1ihJ0QnQaxxnUmaWaxGdgF872kjEKo6-C6u-m8rY7icP1_VL00G5l1-LlxIgtvyuFlwCYX3nKP6FtnhGBMc8TkZp5FJYPzSRWyQK00_XzT7TO71HbC6PhMfk-3DVKVPBvcRbrjXiq95Nd0880YJrqsOTMaYIHwxpGimj_mrEa1dnNmn9LrkAHOa7O6p3m8KJlart8cgFozBpdgvBo2lyyz7h2zXSLvMxccLuYjksD_v9rjBDp4UYjFYqWpIApUXKVwO2EJQ6gP6mNGPCsdYjzmEv4_CaeKvz1wr-uy8zrqN-JIvygsKJaDhEMel86sAXiaqIZBnNkUH1J-43T1-Soz76w8iO05opoew9HbtYkSpkyEM_Gnp5pGR3LRLHXcMUpmY2SWTz-9zEUOpRkc_-sSoCkg5tOiyKwRRdwzLvJLz8j1XqWaQx66_CgVoUVfQGYSFdBDUtNx8DpNKrXzTU8U2ptxLfpnLVV9idh_pPDSa935-i6OYREC6rAKvZe-6ymfzZ8LEhQHTLPtlA5yTC6vXTef0ics47f04axXOMkLJSo3bJPpNaOAYn2Uo_qJv0jWTM_4DVR1pV89USNZPbvmX6WdoGG8lGWQt3dKG3kW_Nr_XsxZ1A3DSn2Cew9ro5vjR3CVJG7AgVg1wPwkOPh9U0lhuqAYFMXybf2iJjh002CKAyHD4Xt61kZhVCDl7bFa8ci2Rk4_rqq3GtfqWdXOwIN1hXwmDQNZOhgMUNNU9BDiRAaKqHTbHKjzBb3EthlctWmUnCw-buRUdSy_slV_tU6N-i2vzQ0mRnpI6e29uZeTlDlo34Q45Ikx6g3YcmJ_Exy9nrAYXZwBgJhylA6ofOBwcGLrMsaA5p2FqASSICJ7IoEXxQF8GZgLDZWiOhubyIbgAVYCgf7qLkk2nqM1u86k13ssd0mOcXvEQlTRqy8ESocAjMQvWhImIAQO19BQ0OKCpU69ibfuWier5Kja-XjlkNYQoemeODIay2FxznhaO0l75nUabQmotPttpm1u991LY34pMUd089Qo7cldjbELbvWEPtjf1-Idps13NZjYkF6m4M-9NeuyzqE8H1aRATOhkYk44kJYjSKFEAmTMfRqK0gVuddK8qKjTwk4eofQSLH5PPE9UgCy9pa1MYOtbOP_Bg5SqNCp6HGpkvHlnYoZpxGUmS1qZxXpc-Uyudzf2ixMiftTNu8AX8COLUPDhjM0sQbGQc4pPMCPOQOqvvak7LkWxhxxJqF1Spo2TDYssmTl0T0kZNcGDl-0-6DsrPs&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiDTOc65N7ZUjZDuAXlqz6Tt9qp9HFlO2tYgRP8OQMIygk9V2laGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=15107947211301724000&adk=607433789&idt=90&cac=0&dtd=55
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc6b08ed0f643d8197ab1c106c457c9e58dc785b1031a9a2ad9e35d0a716e58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37837
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F28D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75266251&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
091c91c78f36b1f6925c8cadf7f3d55399c261c261cb2ccb13efb0e29a9f9c88

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90E5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6662210744106&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90E5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6662210744106&version=m202301230201&ct=76&x=8&cor=17805734626571071000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 90E5 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQhjWZZVxpAnGJXtrkYaKjqxyS_HvRfeCoedxfT3XjbBhjUUgU-5OxcnYmXlO-YEklryK6GawVM8NTr4nTqqA2Vl4IkGND0lgn0KtAsZN9ODJJVcZSwUJx1BULyYlv4LtskkwqA9nwp5KpbBBX9aqgPT63m3XJ1SRLIw9isBLdh6QZOE4&dbm_d=AKAmf-Auc4YewtcY2G3oqmkby6axQrUAIQpm_wg59AyjBoOV6Tpvrt7SuM-iqR4SvzZzrAKfRBZpJ-HdJpTMzu7rrOG7DwZv7hPf-XS693O7YBb49__992XtLdLga7vE8ZGs7yPtq26ffuGquf2J-q8fzlnPr4S0tovZ9kOUYIowxEV8W9oJ3CksIxLX4hNFaXcnDK78I6XbZUeIR8HFqm-L7ZE-r-Ik4tDRaXqXuNhPTLVqBxik0dXZ1NjRWUv60M_0th9F_5dDBCKDdSBKpU1ryRmCEo2XEW-oFih2cJw6JymKKuwT0nDPJKOHrUZ2HWRv_QmSIpWvPtXGJd6OL4qjk4Ae00vY6-MONJPTZHE7cR4l8ESHqpdkjalo2A7RkwXi8cFFiltOh6JI5HShVgLeyefv1qessq8t7TozaaIGDnt96Z4lYPSGsIq0ym08SakDOQ3tH5JUO7WvbkMdDlBxL2vTj9CNeWeD4rjwSxYctLVZvNdEgLN_0jzFAW_OjGq5aOmE__ZEHTJNe9vFB36NP0-drs_tY7gHaz-jbNqR1vAAsb7S3_yM1xn_HmM0VPdoc8GMl-2zWgLRuDo-0ZLex6z1CrfAwXekRCGInpibRluzbAG-28IKm7q4ZlRfDfAwRbMcG9zbq_qMDXj5KawtOKWgn1fmTGxSC9--gvfm2hqiXx0u8QPvo_6-HAFqyA7F41Ue5hPVVhYTajitHBFqj5lGLJQmwJRyHj-Y-6On9kzLD3EXUnDiiiEQdI93kTS1oYHSmk_yoeCfA4NEvC4FOt_Am-o1fDcdq030wKzBrHgPDfDuMtNNO4ej8TdyzB8qTIPpxKF6a-Ku7h3ux6ToPiJga0GEVbbO_VP205lx4nOzMjH2jBVwiDWI0iFc36pOSKlzVxVIZ19Yeb2Hsnqmz1Ol7q4mgVbFlUwmCE-Sn3sUAuYVe2HZ1zgSS8o8W5WCNTPI8k16KWVM0GMP2GUABdGva3ldyvP0PCCO1tsgZWf6c_Rk8b652SuId_xD_bzG2GhJykbUJTY0z8ySsLbLWEfPpz3J88WTg0SIMSUngS6-jbzqXR8new4b4iHZao7VmsjAaVySMmgKArMhcN7mA1nDJtR4zEnQwHtACZeritVa6HfPeVXYYETj4tB61qaEzFNuyqyJ6TJ6Th9uSnjtd0MQjxwGIWlEkvHxeIBge32AnFv5Eh3ZzgwfIt_u4TgZSIVlm-xILxRAXROzXgYM4YC9eN0WwCDO8UPc3iTtd-eLXkZtyZ5znoZ5CS8i_sKAbeKNyA8vHewfn4_AFtvkk-j6ZBkmR3nJJowmdNV6Niv-WxgOcr5WgoYWyR7blC9MQJXVvNb-BFr-SkqcLfdqFXkQSCuOROeDC2CsKdMeNZbEURIl0gS_4wjC8qu-h7tcs08i026RVf_L978Qn6z3-wk4hgQr0Dp29rqGjGh_LCPytlNownmhUVUhj-WlZ8XxMjDisvFPvKMkLVlx0zwWKjbXL-WYg2jQF_GnCSudXmqycuZXrTdOSp5leGUF_M_BZQY9Z3HmKqx14vFae2fNIclSVvyPi0ykEYzLKTo6eXo8lZZB8yu-Lty7DORuk0pUZ_tDABFaAKHfhSTGe1G4Nljm3xLuwlAtAtz4_PJwyUSAMa4nxkkxeylT8TnGjAXr06a2nhcLGWt0vA7oJikzISY37CtjN_vjQRzHWMSKmAOk5p7wOiF-CJEnRoyvjtw4MdMeHTOhRb8TLlpFLZNmQJyZRI1YEj5_82BzmwD7O9TgZmeWO9smfP52QCJR82ul2ou7__opK7fFk3yQJT_GjD5U1crfwes_ju27_VQH96t7wye4evvcFvJ_VhaV8lazu87E7KjI73_zrECldQ8oG2AaYQFYzJdRg-0JgNkCFf0jUXXwb9HefTLc-dKl2O1mc9f2UUFoTEauIODWOqdWxNHvuGRzkSgOHZ3NCRQQUXUW-JWeUtndlPk_1JPLeCATrp1bVpOcMhsu4i_aKgY-aQPDzFoXTMze_6hlUCTuzz2GE8dikHDdLHJZHl0tAr4yXDt-49sv0WGc7i3374dl7geqPvryJILbrA70-aHDuB3pBxRSuwTIqU8pum0SAzSwLBGfxs13njuHvdP06ggHRiKn16K95OmLaWJuSFegOS7rCjA4YQqFnCXVSxn4Gxeuxtd-PzTt1U1jGFL06Gbg4cJLa4YJj_abjz4ziKiFE8Yh_areveuyOEO5IR6vgWvGtO2a7yUHIurz6TTXkiFSYf9OB53lbr-2AX3Q48nLUr-gAGnA--I-QQq5IsCKxlw0TL-WWB0BaHhXc35E3Z3r0eTSHgVETc-ey5R4Bsghvjz97U3G9KaEHbqYlZ4EbvnB-qU3T16Rfbui2rFne9m0qHxfk08KOc72u-Zm-f-f6rzbJtPTN07e9r8RgZ-3MZt5tHSBUC4BdtP2h2Z1-j2CW_ykx3HHTVom_qSnxN4G5_PL2OY2rFTT9Ob_bjptEuHssHvZ9HxHhogbpWWUgBcU-vKUFps7Dux2IjutHX2DX00Cf__LLpeQWDSOufPT5XOH2m7y_ayi_-zq9m8tldQ8v1rjUaebpwXJWW_SxACAEMCDL5w4fEtmslQTz4HKXjUf02DHZfIS9nNfkZFc0uW0gmoieXar2peEZ5ez6NKId50CRcq8AS8HB1bp3uJv39kYL1DntweocSNG8bXImF0Oam8bxDXVDUNMUMUWCtCFu9TT_Oc6eGVTj7xUYPR9ojreIYFCMC3n0CsOev4PH0NoI-T8Me2p9Zo000JoqbLe1vZGvmbGKh6xDdh4aoerkRUmA1PvMYzOCR8WvK4uZYRcg9QMqkFPdZHGnz0mNVFqWQXqhy6SRkCRT1_0ltbsQyeBnDvFAR6YBnYdS6pKhMfWLLmjtBlYB0lPedHBllUqnKxD6xDBDiEuYd_Kzr44LRsYi7GzXFz7QIPqINsbB2qFWZn5PNUkpe3nEC_mMLaSVb9q_y7Z7TeUXjxfRybJwhuW1cvbc6q0tkWdsMXTHBejoIgGJy7OTiYOihgHsG4K2pSDYPhHjIyp3zJiIKyjoR2BtU0hqIQUrMJ2IbmUu_DTEsiaUWgnKIz-8r7las8gMC_p1i30bjC9SYhMXFSYrpVHmY4LHx7ETelDevhTu_LnrfCVSjPEsP-pbmnPCN1GyBZiRtzhsXVJe3wG9UO2JJSmKbpdrmrFufqJRHgt84Bu2WIDbfG-9Z9IA57xdwnyzZ4nP23K5e8n1mRvuIYH1epvS7Mjn_3TLp41U4dtzsU0lT77Buv3chgjl-oPOBJDze5Fp4HUMD_QcLObIWoq2GZ3U4V2mCm3B4N7c6ttyPoowgX6384-9UxQPK6uwS3w_9rgPq7qM3pUhuIbKZRIifWON_xBDx6z2RKL6--8IJVucuvr5aTvYPazJxXjiIjKIzpDl8mzA40&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDUkHpv3U6T3qje9oZF_pW4gOtTW4DtUGffUZUhavII7MBerbvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=17805734626571071000&adk=702366857&idt=131&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b42907ded401723b9a685478f3d8849b72f354bfc57c9f1c318940d124f3a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37899
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F4A4 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 6FD1 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0J5-5VcgxcNigzkcK1YfDpnXbNZnpX9tpFZ1Q3I7cmpzNhcHUzVLN8HLdIosPLY8VPmehIdwB9r_gaAf1jZz9hRfDSA&cry=1&dbm_d=AKAmf-Dnr60Ut4cf5D6KA_2-DULt6JN7BtDG1QejKN7_QxaoFBlrCTcBpfutIjNSqAfgc6aiH_gU-ChjvaASoit53-VgZpSNZzSe3YJ0vr8Q0lWo4IfEXLwId-tEPHDIbKqz3f48ZE6FwyOeMyaVLC5jR3JjHuWdiBzrsC2-ESR14Zl5msyc2fkJWhi2Ze4ZwxYpZRZiBjVFnd6_5Or1_rhq-iBS18vGE4v8HEKMdgpEYMPKh6abd1ebTlTDGt0eD7uxtfXVA9wfR7NYmJhKP7Ez-JkSvgRvvfnu09eQhj14o7EKk8aUOiommKjOBARcQ-gmiEjxhJM9gAXrxpG8NsUR60jHBpA0c4leymyVo4TH6jikAdqidkviyrsqMd3Sk1u8IqCUbKu-a_-R0L0QwU_STzcQZBotLZAanS11tx50HmSrVl-4QcpXSY9j_Ae5PxlCbmhTZW78vbYZZRw0slp1jreo-dz4JzXMaB3qf5olo-rWXIpl6LC3s33_-DfeOGmTz7b50gHBe75DnuMZVckQvP7AWCocXY6N0F_V8_HZPRCIsQdh_hU2Qmdeiv9Td2OzttxaIuhsVhKJUYhGRsTdLB8K8TDHWifaI5eeOnV8Ig5lqJTbxHMbrzuTI-2BfpEUwXkQaQNIjYIYw_4AFNd5KrU2EC2-g9MLGu7AQtVXVCuGSbyR1kEDsUNgmAPUd377RDm9LfUZ0EsxBPjPU_ahDa6qTl-07Ae3TeB9WU321v_1GphQD4UXCaGQDbS-8Nnvkk7HPAjHq75ShpCqyzFeEAuk9TYCiGQbe8oLxqOt85jlCrfkT6weHGhYY9m7C7anVaaNOy2PODPC3air71zN6v44RWTML0EqgVmA12DsQV1GQQNl3R8LzfiIc1_lPvVf_DOYIqEJ-peXct00Sbe6fGUf72qiuE803mZlX_jTh4QXGC7OmkagaFQ4fFh7BqHgjzERm35mq8T6hu1OKNX5UoKCCTqvghGhpwO_2TzCyzJhvS9HtvqmV6jjPT-eyy9LbDSmQKR6hHfxt7dkcUk_Tc6HmgAKj3nd7LCWW7W-z8x8D8iTfRRWSmgPY4nCJqjwoIFgnFgj7BhGmM3jw-uh-qKBX1zvmfWVchlxQZz9T8jT_qgBGTfaaWB64om7iO0RWDRYdzPkgdcdfTZlla2EV4DPFiaW_-N0xMECgkXZltG91kuDUODllC3Ar8yUixS1BlFP8eVmuVD8l1eK-MBcALJSQV6A0hKuKn0zc485kPyNYgYXXH-p3aLL9ctgc63DJ51lDOQKxj6PO2RrHpseEC487xlz3Toy7zC0wGRJ38RMJ2oeGPwWCp2qBhVe1pgI_GqO0UMdWtwAGto0xNcx_hvBkFKBWug1yyIn_z3el55VAFUVHPz72gIFc7pl89mWqDEPH1Lzi4RkeMWipfpAyhSQPlBl2gDEKM7YBcb0wust9WtB6JBnzcz3n-pKwVddfuPcYQmmDRVEr6ySdXLcfx3yqc9YHSJr4KFm0LQaNbn10xOfJQJD0RCPNDY2Li298AiD-DulSeH7c6itoBar3CFRMEiivROGuyXt-V-tYuz0FJMnvOGTI42lb4bfXo3N6n2UAnlZgFHwl2jOnvQ3gMtefCxibjgf8oj7lNtNvrchUQz9PG-o5qEL935_UQmX9-0qlg6bZAgEj3gDTSo6U07RECrz28-K6gox8zs3UgtmtEzdMmgx94-sQr4PLLCT3NKTgm9TvJlXqCCH8LdbjJ_xIvXjJXzqhFv8-qi6Dd0pcrA24oPlqU9zE0Jy0GSPfAj9Jl55D0bMsFn6zT6go0Nc_ySTUMrDteuNowh7loJ3aWH6wsLlfmqdibdnc41RTDKv6hHhU7F6pRnPLU_QISvyvE6SQVxYasLq2483h9epPJHx6DWAGLHKcz7kv1_kLroaqyl4ljKW7yn7AwauZfPkqr9IqgQM6l9PPZA0w2KUpTTbaQuYqcuWV63jCBgnCvEsj-UK6uJwh2949lLC4QxXTwZZK13s199L8dUfZvpBHNdLcrN9crv3ntEvKDVeKRQ8fuilA5TRoAcX-C1WS2SfxROTS6y3AqCPUgSul3_sxcuqlKZ4xfrJCb2LY492jMuLUOh6uLYes0hipI63S9mYI0bGRkKlnXsRLSxbiQPpw7IT1j2iLWN_TrMn9PjclIr3Yov71yIufa3Wrn5KURZcf0cIceUc26qhHm_Yv9NAFBDsldpTzgdS47REgyP6RmOdFEt4hg30QpseF5rv0KDDaEoOe3k3Iw0P70l8m4DLTKq_KVOkTctbDuAGw9N8NUY-gYDVf51MzjfHPvM82M9ZG2Lh6V17GYP8F8tC3l4SlGnfJL47cTx_AWNJ3vsmoCYry9SJptAmGsY1TKujMDcwROxQGcKkD7kcfiS4YoVcBAEuJN7kN54zNcuVXi9sux9_YwR79zvaROlighkS0t1tUMNo_RiJvM7ew3mBegigLRGJvSa5e7YhsUT1bqKXmdtFZWeRw6rP_0ltQ4v4aHFmtIa5yr14Ba649mvlVyA6l9CkeX6e3jfGgB2eDYPcDzvppWuLzy7-NxWjCzg0BaXWgx28OdDYxjnV24Fq4zK-MTDZ-YNZF1ENzXWKNrPugyw1LUXLK5mNHJeIH0GrcdOv--vz2AcvfQ_858caV6m8LW69T9NJvE85dF0zlW6EZOYEy4a6qSqsp8c0TKYNaHxGlf1VXClpmC4PKyLFmcRa_89-TiDvlSNs6bwVf1FvdJzK_kcsRoF0VnOXMXnkadK5XTY9sMeeBnLr-ztI4Kh9fkQcM-b5i0VJy2Tthkp8ubAiu89F6E83i6T_RPC4o__x5laRCCbZznghH4-FgSbJd53HH_I-uC_MfoZXlWjhvknU2BzURGzpeTCEVHJJI1orA1k6rbw0hF6uUzNgy1qYkfqj70vl_b_aBhXaNNspFJq_7FYH10dId1jxPOH8G76fB2d8a2qRR6XT9HbPhv7chvieMo56Ngr45gmQ7qNFTRhBvChl8ER6nRz3EjjjQOmCehxzCNPNAQF8I8nf84dZesiJW4w9bOOPKkTlqVDiPb_7AVwa6sJu01QJqqQqeEZQQzkayM2ktAl4S0aqsRyewD2DQPvINAQlOBuEd3DqpoqdXPKLXtXu9UeNYIrNijE8KUbce3TsUgGK5bm1CPw95MFaKF1VvR4XLqmVBIv7jMoXdQ_7OVzjXS2KAazBvnF0t_Uqeo-gLjW1VWQWR95xqdKt8GrF-SZkJlvaejQ4rDPUSFwKUe7_1ze-zrn_IRcVum1OX8pK9H-caDpLAbJtsE7t5kgY2uE12XI_d6SHg05cNY0IuHoue_3YxkoROEdmSozZmKXjXZpvmkzTbdJMkxoo14zKwKkVwbtORFj7vTDu5VuB9cFKiHfylOiYfGcf7W-tHw&cid=CAQSPABygQiDl7ZBT-dNvNP_Fhz34tKwW9Mk7AtkbpLaD90pK-mQ5Tp3c4jt2BylvHHHBWG4YuscmtgGXxKCbxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br&ds=l&xdt=1&iif=1&cor=1845350794517337600&adk=3507907208&idt=127&cac=0&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 6FD1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0J5-5VcgxcNigzkcK1YfDpnXbNZnpX9tpFZ1Q3I7cmpzNhcHUzVLN8HLdIosPLY8VPmehIdwB9r_gaAf1jZz9hRfDSA&cry=1&dbm_d=AKAmf-Dnr60Ut4cf5D6KA_2-DULt6JN7BtDG1QejKN7_QxaoFBlrCTcBpfutIjNSqAfgc6aiH_gU-ChjvaASoit53-VgZpSNZzSe3YJ0vr8Q0lWo4IfEXLwId-tEPHDIbKqz3f48ZE6FwyOeMyaVLC5jR3JjHuWdiBzrsC2-ESR14Zl5msyc2fkJWhi2Ze4ZwxYpZRZiBjVFnd6_5Or1_rhq-iBS18vGE4v8HEKMdgpEYMPKh6abd1ebTlTDGt0eD7uxtfXVA9wfR7NYmJhKP7Ez-JkSvgRvvfnu09eQhj14o7EKk8aUOiommKjOBARcQ-gmiEjxhJM9gAXrxpG8NsUR60jHBpA0c4leymyVo4TH6jikAdqidkviyrsqMd3Sk1u8IqCUbKu-a_-R0L0QwU_STzcQZBotLZAanS11tx50HmSrVl-4QcpXSY9j_Ae5PxlCbmhTZW78vbYZZRw0slp1jreo-dz4JzXMaB3qf5olo-rWXIpl6LC3s33_-DfeOGmTz7b50gHBe75DnuMZVckQvP7AWCocXY6N0F_V8_HZPRCIsQdh_hU2Qmdeiv9Td2OzttxaIuhsVhKJUYhGRsTdLB8K8TDHWifaI5eeOnV8Ig5lqJTbxHMbrzuTI-2BfpEUwXkQaQNIjYIYw_4AFNd5KrU2EC2-g9MLGu7AQtVXVCuGSbyR1kEDsUNgmAPUd377RDm9LfUZ0EsxBPjPU_ahDa6qTl-07Ae3TeB9WU321v_1GphQD4UXCaGQDbS-8Nnvkk7HPAjHq75ShpCqyzFeEAuk9TYCiGQbe8oLxqOt85jlCrfkT6weHGhYY9m7C7anVaaNOy2PODPC3air71zN6v44RWTML0EqgVmA12DsQV1GQQNl3R8LzfiIc1_lPvVf_DOYIqEJ-peXct00Sbe6fGUf72qiuE803mZlX_jTh4QXGC7OmkagaFQ4fFh7BqHgjzERm35mq8T6hu1OKNX5UoKCCTqvghGhpwO_2TzCyzJhvS9HtvqmV6jjPT-eyy9LbDSmQKR6hHfxt7dkcUk_Tc6HmgAKj3nd7LCWW7W-z8x8D8iTfRRWSmgPY4nCJqjwoIFgnFgj7BhGmM3jw-uh-qKBX1zvmfWVchlxQZz9T8jT_qgBGTfaaWB64om7iO0RWDRYdzPkgdcdfTZlla2EV4DPFiaW_-N0xMECgkXZltG91kuDUODllC3Ar8yUixS1BlFP8eVmuVD8l1eK-MBcALJSQV6A0hKuKn0zc485kPyNYgYXXH-p3aLL9ctgc63DJ51lDOQKxj6PO2RrHpseEC487xlz3Toy7zC0wGRJ38RMJ2oeGPwWCp2qBhVe1pgI_GqO0UMdWtwAGto0xNcx_hvBkFKBWug1yyIn_z3el55VAFUVHPz72gIFc7pl89mWqDEPH1Lzi4RkeMWipfpAyhSQPlBl2gDEKM7YBcb0wust9WtB6JBnzcz3n-pKwVddfuPcYQmmDRVEr6ySdXLcfx3yqc9YHSJr4KFm0LQaNbn10xOfJQJD0RCPNDY2Li298AiD-DulSeH7c6itoBar3CFRMEiivROGuyXt-V-tYuz0FJMnvOGTI42lb4bfXo3N6n2UAnlZgFHwl2jOnvQ3gMtefCxibjgf8oj7lNtNvrchUQz9PG-o5qEL935_UQmX9-0qlg6bZAgEj3gDTSo6U07RECrz28-K6gox8zs3UgtmtEzdMmgx94-sQr4PLLCT3NKTgm9TvJlXqCCH8LdbjJ_xIvXjJXzqhFv8-qi6Dd0pcrA24oPlqU9zE0Jy0GSPfAj9Jl55D0bMsFn6zT6go0Nc_ySTUMrDteuNowh7loJ3aWH6wsLlfmqdibdnc41RTDKv6hHhU7F6pRnPLU_QISvyvE6SQVxYasLq2483h9epPJHx6DWAGLHKcz7kv1_kLroaqyl4ljKW7yn7AwauZfPkqr9IqgQM6l9PPZA0w2KUpTTbaQuYqcuWV63jCBgnCvEsj-UK6uJwh2949lLC4QxXTwZZK13s199L8dUfZvpBHNdLcrN9crv3ntEvKDVeKRQ8fuilA5TRoAcX-C1WS2SfxROTS6y3AqCPUgSul3_sxcuqlKZ4xfrJCb2LY492jMuLUOh6uLYes0hipI63S9mYI0bGRkKlnXsRLSxbiQPpw7IT1j2iLWN_TrMn9PjclIr3Yov71yIufa3Wrn5KURZcf0cIceUc26qhHm_Yv9NAFBDsldpTzgdS47REgyP6RmOdFEt4hg30QpseF5rv0KDDaEoOe3k3Iw0P70l8m4DLTKq_KVOkTctbDuAGw9N8NUY-gYDVf51MzjfHPvM82M9ZG2Lh6V17GYP8F8tC3l4SlGnfJL47cTx_AWNJ3vsmoCYry9SJptAmGsY1TKujMDcwROxQGcKkD7kcfiS4YoVcBAEuJN7kN54zNcuVXi9sux9_YwR79zvaROlighkS0t1tUMNo_RiJvM7ew3mBegigLRGJvSa5e7YhsUT1bqKXmdtFZWeRw6rP_0ltQ4v4aHFmtIa5yr14Ba649mvlVyA6l9CkeX6e3jfGgB2eDYPcDzvppWuLzy7-NxWjCzg0BaXWgx28OdDYxjnV24Fq4zK-MTDZ-YNZF1ENzXWKNrPugyw1LUXLK5mNHJeIH0GrcdOv--vz2AcvfQ_858caV6m8LW69T9NJvE85dF0zlW6EZOYEy4a6qSqsp8c0TKYNaHxGlf1VXClpmC4PKyLFmcRa_89-TiDvlSNs6bwVf1FvdJzK_kcsRoF0VnOXMXnkadK5XTY9sMeeBnLr-ztI4Kh9fkQcM-b5i0VJy2Tthkp8ubAiu89F6E83i6T_RPC4o__x5laRCCbZznghH4-FgSbJd53HH_I-uC_MfoZXlWjhvknU2BzURGzpeTCEVHJJI1orA1k6rbw0hF6uUzNgy1qYkfqj70vl_b_aBhXaNNspFJq_7FYH10dId1jxPOH8G76fB2d8a2qRR6XT9HbPhv7chvieMo56Ngr45gmQ7qNFTRhBvChl8ER6nRz3EjjjQOmCehxzCNPNAQF8I8nf84dZesiJW4w9bOOPKkTlqVDiPb_7AVwa6sJu01QJqqQqeEZQQzkayM2ktAl4S0aqsRyewD2DQPvINAQlOBuEd3DqpoqdXPKLXtXu9UeNYIrNijE8KUbce3TsUgGK5bm1CPw95MFaKF1VvR4XLqmVBIv7jMoXdQ_7OVzjXS2KAazBvnF0t_Uqeo-gLjW1VWQWR95xqdKt8GrF-SZkJlvaejQ4rDPUSFwKUe7_1ze-zrn_IRcVum1OX8pK9H-caDpLAbJtsE7t5kgY2uE12XI_d6SHg05cNY0IuHoue_3YxkoROEdmSozZmKXjXZpvmkzTbdJMkxoo14zKwKkVwbtORFj7vTDu5VuB9cFKiHfylOiYfGcf7W-tHw&cid=CAQSPABygQiDl7ZBT-dNvNP_Fhz34tKwW9Mk7AtkbpLaD90pK-mQ5Tp3c4jt2BylvHHHBWG4YuscmtgGXxKCbxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br&ds=l&xdt=1&iif=1&cor=1845350794517337600&adk=3507907208&idt=127&cac=0&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6FD1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQkqnKx71OFubepQnAjrn4dD9N2mdajM2F6TO8KKPO2elTT4pcrVz0Up0jC5pXg0bAsM1pCVRnqcrcymHKyFyWNMW-r1rACZor3LZ9c3fCutWUF4AS6yq3Z1_qAII9NeetcHpUp9FsDAoFjT5SarTaFpgjrSgYMQV_WFCsZPt_ADK2Qu3h4m6JOAZKF5uanE4MYAaBJkknszPDU5-7VOIGLNcMiOCYlNLCkx_OzBG6qmQIhpFYjwjB2ile_7eQ_V8lI_YU135flOOYkosSbgwjeextseukGsEAFG9ziH7ofVMVmvmaIFAPZFHWtNlaiGLr6N7lcQFP7wjdN6LlRnRIhmyMPmZHulsQ0OZLtn00EB0utjD2psvCuxDgBO8GfC5IZEUHZtDNDu19K8xhn2Q0ocKjPhAA2-ElkfUKkUUaesWmPgFlqt8qhWMZ-XIFXtYYbHieCQNhiwVaVaCTXOPiDz-3pmJ__CESFgIJnyujH3h4FjrakEft5ALTSmZAqSZd0VqGsZ4HWWtRN8JTjMuBvaQ4SnqvX6sUamEdfpGZKwyo5_IhlDx5ZHTDCmEYj5FaLq4sPI8A1J8NHi5XZrgHcTkKplim13AbkhVd4jwMIAPciwv08FJGA4_sxNej5JvK3ugaT46MbD0OrNDtHx5U3nLpsMmjpGQIAoG1CiQEUIbYz2-AbgZAEnvsSMC-DAYhd3OuPhJVUsdvfB4D0hdg2gNTDMenEkDL8yM92h8CrkkqgfVSWRzhcI9PILp3f4_NVq0DlKxqdAPyUGWPXEfDNWX8oAUcG60dHjBh7aTiFpzheDxpHwACK-eDzRNEgsr_0sxEpW-gQwofp4nexkl3z-Tts1qzIkRVXYxDJ-5uqtaBSsoWOiwjpCvngzGc66cUepC2plAIYQO7z7m2l0Y888BB8_79EH5dWesuyhdy6Gq_BkG08VnL56oY6GjO4WXjxK8mvb0jmCZGUg0MsbEZW-yNf3K9L9PKgRPX8nRkafyoVFvzmp1tx20nafgWOOoSzwjOOiU5bnfhn1KMl2r781p-snBWicYEpcGtdC6Wo7PHw8atu_new0GYzVSINFhWNNXlSC9t4yEhuxVBRFO9YCKkNI_zObHhjC52srCZEaaAo_GGNzVGxQrXEAnByB-gXfDPV_73XamSbdpSGU9BLU21KcsoFSHNR-MZ9zt_pFjt2mcL-Eqm5iadh8xwvic3LGDLQwXciNogvTo4NgArxIiXUDRCbxVIcWiSE-iefhuj_2U1tLUh6g3H9-EBzp6hNUfRER68NInPEMu3Dk_toxP4TNSfl_OOyV6_AVpx7WO2Fg&sai=AMfl-YSLoYgDdMBGW-Stzy7vYJfa88kLH1RVhCIU8RASZhihL-OSSZuAZxaYbVYcS7abhQARqpt6M4XXuCCNqD3ISvPimMSJDNL2Yj3iGeC0GdpB5JzHkMKyH0YUd30KvORlF3qcWtxJfnopPwIr8aXmEPRt5r4iKZM7wmq4Sl9MVxUjC_q0Ao74CcuAI4oCrsGPnRlBOnpX3NmHVM1fl8ELF-M8UobKMyZQhvP6RqxDoxFB60ueZVZ_Bp4QvdTcz-X2cwiQywIjIirmQsfv32j_2cdu9dqWEV8a&sig=Cg0ArKJSzJSXUPrKmUgJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230614.27322&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0J5-5VcgxcNigzkcK1YfDpnXbNZnpX9tpFZ1Q3I7cmpzNhcHUzVLN8HLdIosPLY8VPmehIdwB9r_gaAf1jZz9hRfDSA&cry=1&dbm_d=AKAmf-Dnr60Ut4cf5D6KA_2-DULt6JN7BtDG1QejKN7_QxaoFBlrCTcBpfutIjNSqAfgc6aiH_gU-ChjvaASoit53-VgZpSNZzSe3YJ0vr8Q0lWo4IfEXLwId-tEPHDIbKqz3f48ZE6FwyOeMyaVLC5jR3JjHuWdiBzrsC2-ESR14Zl5msyc2fkJWhi2Ze4ZwxYpZRZiBjVFnd6_5Or1_rhq-iBS18vGE4v8HEKMdgpEYMPKh6abd1ebTlTDGt0eD7uxtfXVA9wfR7NYmJhKP7Ez-JkSvgRvvfnu09eQhj14o7EKk8aUOiommKjOBARcQ-gmiEjxhJM9gAXrxpG8NsUR60jHBpA0c4leymyVo4TH6jikAdqidkviyrsqMd3Sk1u8IqCUbKu-a_-R0L0QwU_STzcQZBotLZAanS11tx50HmSrVl-4QcpXSY9j_Ae5PxlCbmhTZW78vbYZZRw0slp1jreo-dz4JzXMaB3qf5olo-rWXIpl6LC3s33_-DfeOGmTz7b50gHBe75DnuMZVckQvP7AWCocXY6N0F_V8_HZPRCIsQdh_hU2Qmdeiv9Td2OzttxaIuhsVhKJUYhGRsTdLB8K8TDHWifaI5eeOnV8Ig5lqJTbxHMbrzuTI-2BfpEUwXkQaQNIjYIYw_4AFNd5KrU2EC2-g9MLGu7AQtVXVCuGSbyR1kEDsUNgmAPUd377RDm9LfUZ0EsxBPjPU_ahDa6qTl-07Ae3TeB9WU321v_1GphQD4UXCaGQDbS-8Nnvkk7HPAjHq75ShpCqyzFeEAuk9TYCiGQbe8oLxqOt85jlCrfkT6weHGhYY9m7C7anVaaNOy2PODPC3air71zN6v44RWTML0EqgVmA12DsQV1GQQNl3R8LzfiIc1_lPvVf_DOYIqEJ-peXct00Sbe6fGUf72qiuE803mZlX_jTh4QXGC7OmkagaFQ4fFh7BqHgjzERm35mq8T6hu1OKNX5UoKCCTqvghGhpwO_2TzCyzJhvS9HtvqmV6jjPT-eyy9LbDSmQKR6hHfxt7dkcUk_Tc6HmgAKj3nd7LCWW7W-z8x8D8iTfRRWSmgPY4nCJqjwoIFgnFgj7BhGmM3jw-uh-qKBX1zvmfWVchlxQZz9T8jT_qgBGTfaaWB64om7iO0RWDRYdzPkgdcdfTZlla2EV4DPFiaW_-N0xMECgkXZltG91kuDUODllC3Ar8yUixS1BlFP8eVmuVD8l1eK-MBcALJSQV6A0hKuKn0zc485kPyNYgYXXH-p3aLL9ctgc63DJ51lDOQKxj6PO2RrHpseEC487xlz3Toy7zC0wGRJ38RMJ2oeGPwWCp2qBhVe1pgI_GqO0UMdWtwAGto0xNcx_hvBkFKBWug1yyIn_z3el55VAFUVHPz72gIFc7pl89mWqDEPH1Lzi4RkeMWipfpAyhSQPlBl2gDEKM7YBcb0wust9WtB6JBnzcz3n-pKwVddfuPcYQmmDRVEr6ySdXLcfx3yqc9YHSJr4KFm0LQaNbn10xOfJQJD0RCPNDY2Li298AiD-DulSeH7c6itoBar3CFRMEiivROGuyXt-V-tYuz0FJMnvOGTI42lb4bfXo3N6n2UAnlZgFHwl2jOnvQ3gMtefCxibjgf8oj7lNtNvrchUQz9PG-o5qEL935_UQmX9-0qlg6bZAgEj3gDTSo6U07RECrz28-K6gox8zs3UgtmtEzdMmgx94-sQr4PLLCT3NKTgm9TvJlXqCCH8LdbjJ_xIvXjJXzqhFv8-qi6Dd0pcrA24oPlqU9zE0Jy0GSPfAj9Jl55D0bMsFn6zT6go0Nc_ySTUMrDteuNowh7loJ3aWH6wsLlfmqdibdnc41RTDKv6hHhU7F6pRnPLU_QISvyvE6SQVxYasLq2483h9epPJHx6DWAGLHKcz7kv1_kLroaqyl4ljKW7yn7AwauZfPkqr9IqgQM6l9PPZA0w2KUpTTbaQuYqcuWV63jCBgnCvEsj-UK6uJwh2949lLC4QxXTwZZK13s199L8dUfZvpBHNdLcrN9crv3ntEvKDVeKRQ8fuilA5TRoAcX-C1WS2SfxROTS6y3AqCPUgSul3_sxcuqlKZ4xfrJCb2LY492jMuLUOh6uLYes0hipI63S9mYI0bGRkKlnXsRLSxbiQPpw7IT1j2iLWN_TrMn9PjclIr3Yov71yIufa3Wrn5KURZcf0cIceUc26qhHm_Yv9NAFBDsldpTzgdS47REgyP6RmOdFEt4hg30QpseF5rv0KDDaEoOe3k3Iw0P70l8m4DLTKq_KVOkTctbDuAGw9N8NUY-gYDVf51MzjfHPvM82M9ZG2Lh6V17GYP8F8tC3l4SlGnfJL47cTx_AWNJ3vsmoCYry9SJptAmGsY1TKujMDcwROxQGcKkD7kcfiS4YoVcBAEuJN7kN54zNcuVXi9sux9_YwR79zvaROlighkS0t1tUMNo_RiJvM7ew3mBegigLRGJvSa5e7YhsUT1bqKXmdtFZWeRw6rP_0ltQ4v4aHFmtIa5yr14Ba649mvlVyA6l9CkeX6e3jfGgB2eDYPcDzvppWuLzy7-NxWjCzg0BaXWgx28OdDYxjnV24Fq4zK-MTDZ-YNZF1ENzXWKNrPugyw1LUXLK5mNHJeIH0GrcdOv--vz2AcvfQ_858caV6m8LW69T9NJvE85dF0zlW6EZOYEy4a6qSqsp8c0TKYNaHxGlf1VXClpmC4PKyLFmcRa_89-TiDvlSNs6bwVf1FvdJzK_kcsRoF0VnOXMXnkadK5XTY9sMeeBnLr-ztI4Kh9fkQcM-b5i0VJy2Tthkp8ubAiu89F6E83i6T_RPC4o__x5laRCCbZznghH4-FgSbJd53HH_I-uC_MfoZXlWjhvknU2BzURGzpeTCEVHJJI1orA1k6rbw0hF6uUzNgy1qYkfqj70vl_b_aBhXaNNspFJq_7FYH10dId1jxPOH8G76fB2d8a2qRR6XT9HbPhv7chvieMo56Ngr45gmQ7qNFTRhBvChl8ER6nRz3EjjjQOmCehxzCNPNAQF8I8nf84dZesiJW4w9bOOPKkTlqVDiPb_7AVwa6sJu01QJqqQqeEZQQzkayM2ktAl4S0aqsRyewD2DQPvINAQlOBuEd3DqpoqdXPKLXtXu9UeNYIrNijE8KUbce3TsUgGK5bm1CPw95MFaKF1VvR4XLqmVBIv7jMoXdQ_7OVzjXS2KAazBvnF0t_Uqeo-gLjW1VWQWR95xqdKt8GrF-SZkJlvaejQ4rDPUSFwKUe7_1ze-zrn_IRcVum1OX8pK9H-caDpLAbJtsE7t5kgY2uE12XI_d6SHg05cNY0IuHoue_3YxkoROEdmSozZmKXjXZpvmkzTbdJMkxoo14zKwKkVwbtORFj7vTDu5VuB9cFKiHfylOiYfGcf7W-tHw&cid=CAQSPABygQiDl7ZBT-dNvNP_Fhz34tKwW9Mk7AtkbpLaD90pK-mQ5Tp3c4jt2BylvHHHBWG4YuscmtgGXxKCbxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br&ds=l&xdt=1&iif=1&cor=1845350794517337600&adk=3507907208&idt=127&cac=0&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6FD1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0J5-5VcgxcNigzkcK1YfDpnXbNZnpX9tpFZ1Q3I7cmpzNhcHUzVLN8HLdIosPLY8VPmehIdwB9r_gaAf1jZz9hRfDSA&cry=1&dbm_d=AKAmf-Dnr60Ut4cf5D6KA_2-DULt6JN7BtDG1QejKN7_QxaoFBlrCTcBpfutIjNSqAfgc6aiH_gU-ChjvaASoit53-VgZpSNZzSe3YJ0vr8Q0lWo4IfEXLwId-tEPHDIbKqz3f48ZE6FwyOeMyaVLC5jR3JjHuWdiBzrsC2-ESR14Zl5msyc2fkJWhi2Ze4ZwxYpZRZiBjVFnd6_5Or1_rhq-iBS18vGE4v8HEKMdgpEYMPKh6abd1ebTlTDGt0eD7uxtfXVA9wfR7NYmJhKP7Ez-JkSvgRvvfnu09eQhj14o7EKk8aUOiommKjOBARcQ-gmiEjxhJM9gAXrxpG8NsUR60jHBpA0c4leymyVo4TH6jikAdqidkviyrsqMd3Sk1u8IqCUbKu-a_-R0L0QwU_STzcQZBotLZAanS11tx50HmSrVl-4QcpXSY9j_Ae5PxlCbmhTZW78vbYZZRw0slp1jreo-dz4JzXMaB3qf5olo-rWXIpl6LC3s33_-DfeOGmTz7b50gHBe75DnuMZVckQvP7AWCocXY6N0F_V8_HZPRCIsQdh_hU2Qmdeiv9Td2OzttxaIuhsVhKJUYhGRsTdLB8K8TDHWifaI5eeOnV8Ig5lqJTbxHMbrzuTI-2BfpEUwXkQaQNIjYIYw_4AFNd5KrU2EC2-g9MLGu7AQtVXVCuGSbyR1kEDsUNgmAPUd377RDm9LfUZ0EsxBPjPU_ahDa6qTl-07Ae3TeB9WU321v_1GphQD4UXCaGQDbS-8Nnvkk7HPAjHq75ShpCqyzFeEAuk9TYCiGQbe8oLxqOt85jlCrfkT6weHGhYY9m7C7anVaaNOy2PODPC3air71zN6v44RWTML0EqgVmA12DsQV1GQQNl3R8LzfiIc1_lPvVf_DOYIqEJ-peXct00Sbe6fGUf72qiuE803mZlX_jTh4QXGC7OmkagaFQ4fFh7BqHgjzERm35mq8T6hu1OKNX5UoKCCTqvghGhpwO_2TzCyzJhvS9HtvqmV6jjPT-eyy9LbDSmQKR6hHfxt7dkcUk_Tc6HmgAKj3nd7LCWW7W-z8x8D8iTfRRWSmgPY4nCJqjwoIFgnFgj7BhGmM3jw-uh-qKBX1zvmfWVchlxQZz9T8jT_qgBGTfaaWB64om7iO0RWDRYdzPkgdcdfTZlla2EV4DPFiaW_-N0xMECgkXZltG91kuDUODllC3Ar8yUixS1BlFP8eVmuVD8l1eK-MBcALJSQV6A0hKuKn0zc485kPyNYgYXXH-p3aLL9ctgc63DJ51lDOQKxj6PO2RrHpseEC487xlz3Toy7zC0wGRJ38RMJ2oeGPwWCp2qBhVe1pgI_GqO0UMdWtwAGto0xNcx_hvBkFKBWug1yyIn_z3el55VAFUVHPz72gIFc7pl89mWqDEPH1Lzi4RkeMWipfpAyhSQPlBl2gDEKM7YBcb0wust9WtB6JBnzcz3n-pKwVddfuPcYQmmDRVEr6ySdXLcfx3yqc9YHSJr4KFm0LQaNbn10xOfJQJD0RCPNDY2Li298AiD-DulSeH7c6itoBar3CFRMEiivROGuyXt-V-tYuz0FJMnvOGTI42lb4bfXo3N6n2UAnlZgFHwl2jOnvQ3gMtefCxibjgf8oj7lNtNvrchUQz9PG-o5qEL935_UQmX9-0qlg6bZAgEj3gDTSo6U07RECrz28-K6gox8zs3UgtmtEzdMmgx94-sQr4PLLCT3NKTgm9TvJlXqCCH8LdbjJ_xIvXjJXzqhFv8-qi6Dd0pcrA24oPlqU9zE0Jy0GSPfAj9Jl55D0bMsFn6zT6go0Nc_ySTUMrDteuNowh7loJ3aWH6wsLlfmqdibdnc41RTDKv6hHhU7F6pRnPLU_QISvyvE6SQVxYasLq2483h9epPJHx6DWAGLHKcz7kv1_kLroaqyl4ljKW7yn7AwauZfPkqr9IqgQM6l9PPZA0w2KUpTTbaQuYqcuWV63jCBgnCvEsj-UK6uJwh2949lLC4QxXTwZZK13s199L8dUfZvpBHNdLcrN9crv3ntEvKDVeKRQ8fuilA5TRoAcX-C1WS2SfxROTS6y3AqCPUgSul3_sxcuqlKZ4xfrJCb2LY492jMuLUOh6uLYes0hipI63S9mYI0bGRkKlnXsRLSxbiQPpw7IT1j2iLWN_TrMn9PjclIr3Yov71yIufa3Wrn5KURZcf0cIceUc26qhHm_Yv9NAFBDsldpTzgdS47REgyP6RmOdFEt4hg30QpseF5rv0KDDaEoOe3k3Iw0P70l8m4DLTKq_KVOkTctbDuAGw9N8NUY-gYDVf51MzjfHPvM82M9ZG2Lh6V17GYP8F8tC3l4SlGnfJL47cTx_AWNJ3vsmoCYry9SJptAmGsY1TKujMDcwROxQGcKkD7kcfiS4YoVcBAEuJN7kN54zNcuVXi9sux9_YwR79zvaROlighkS0t1tUMNo_RiJvM7ew3mBegigLRGJvSa5e7YhsUT1bqKXmdtFZWeRw6rP_0ltQ4v4aHFmtIa5yr14Ba649mvlVyA6l9CkeX6e3jfGgB2eDYPcDzvppWuLzy7-NxWjCzg0BaXWgx28OdDYxjnV24Fq4zK-MTDZ-YNZF1ENzXWKNrPugyw1LUXLK5mNHJeIH0GrcdOv--vz2AcvfQ_858caV6m8LW69T9NJvE85dF0zlW6EZOYEy4a6qSqsp8c0TKYNaHxGlf1VXClpmC4PKyLFmcRa_89-TiDvlSNs6bwVf1FvdJzK_kcsRoF0VnOXMXnkadK5XTY9sMeeBnLr-ztI4Kh9fkQcM-b5i0VJy2Tthkp8ubAiu89F6E83i6T_RPC4o__x5laRCCbZznghH4-FgSbJd53HH_I-uC_MfoZXlWjhvknU2BzURGzpeTCEVHJJI1orA1k6rbw0hF6uUzNgy1qYkfqj70vl_b_aBhXaNNspFJq_7FYH10dId1jxPOH8G76fB2d8a2qRR6XT9HbPhv7chvieMo56Ngr45gmQ7qNFTRhBvChl8ER6nRz3EjjjQOmCehxzCNPNAQF8I8nf84dZesiJW4w9bOOPKkTlqVDiPb_7AVwa6sJu01QJqqQqeEZQQzkayM2ktAl4S0aqsRyewD2DQPvINAQlOBuEd3DqpoqdXPKLXtXu9UeNYIrNijE8KUbce3TsUgGK5bm1CPw95MFaKF1VvR4XLqmVBIv7jMoXdQ_7OVzjXS2KAazBvnF0t_Uqeo-gLjW1VWQWR95xqdKt8GrF-SZkJlvaejQ4rDPUSFwKUe7_1ze-zrn_IRcVum1OX8pK9H-caDpLAbJtsE7t5kgY2uE12XI_d6SHg05cNY0IuHoue_3YxkoROEdmSozZmKXjXZpvmkzTbdJMkxoo14zKwKkVwbtORFj7vTDu5VuB9cFKiHfylOiYfGcf7W-tHw&cid=CAQSPABygQiDl7ZBT-dNvNP_Fhz34tKwW9Mk7AtkbpLaD90pK-mQ5Tp3c4jt2BylvHHHBWG4YuscmtgGXxKCbxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br&ds=l&xdt=1&iif=1&cor=1845350794517337600&adk=3507907208&idt=127&cac=0&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
4992964825732415090
s0.2mdn.net/simgad/ Frame 6FD1 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4992964825732415090
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f611bfd2d3ce3c76e53f1c3557c0f701776a0fb9a08cbf7a7d77ba3fd7783bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 23:36:23 GMT
x-content-type-options
nosniff
age
575951
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32579
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 03:21:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Jun 2024 23:36:23 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4CF0 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 4CF0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwysVDTN0-O4CuLYMSF_GAmtAaD6gk5WTFvH4kzBGCVga3omsPO2w74g30nYReK8_KsFK8L-0frmCi4k4pj7DyuW3_6BjX4HvPpQbMkNYICJBg0wIpeQZB-oE9SpHHGiXXvjlXog4GaZDT2GjEZJ-zHOQNfnhqbs8qL1Z2q7qkqczCt-o&dbm_d=AKAmf-AhBf-11oZdPQUg-zDtaoMA69-7O8k2lQ95ysucGHsZjM2yi6lirZCOtHpde4XJjQJTk21Rh8WdYIenku0Yii4aX-OK3ow0TMHHqp4d3rPOlVkOm8MleMw2Tcw4pF68KxA-p6-zaNZWbI_6X3lcDWHAnXO5NK0nL85KBrAxKLctrh-9xt7e7J3xHuVAGZcbJuU-L7BUpGqimn6LKyhGR_iC7LrQ9VY3ZlgoIAv2HvMEvOJnkQ4Ve46o8XZvQLpp6Hr8sf2Ap0wENmykjoqm9DbjH50Xwm0sd2kyZiC3XBsW9_oXrhc80kmBRg25JZG8ITXUS56V1Va2VFErnDyEfTeu7DEyCkrkZfzFKnjL7NnOZPSu8Kqw4KlWNnTKx2UlL0v3bjzY4uImu06yBdCatq02bo25HRXN3_zoFk7N8rdp7IRQ4k4kmVUA6UIolH0D-LIeKKz-L6l_TRv469UsfLpgmlB7VO2eSZbzzxHK5IYb4t4k3mXpCDrERcEDVoq5cNelmeaAJxjlPFP7kNbZm5ehLUjI_RZL8I0cxyGicgJn90N65fx7jIziNYjspbQe8mISsIBj2PNEbsopjhhZW5fkxlsg8IWMjXXAfwWgOkVkzuYFgwOpKhJDEm_thK-_dcq-in-Ni-MfUK1L1ArIW340XWSyRlQ4a47IPiWimZ2KcwgTPdg8s2qqSZfI9ByOwRBSIG-ZsvXjU6H8b7AQUAihmobOxClDx73goMVkEODVUxNKUTtjwDLUfSNKR8eCAar1lZHRxqTTNL2k8_PalwgWHMx2nn_RkmpHHVAk_rkPKpOLfLCmNOFtGP-jut4ggzozuz9MhKC7QAzlWzjlfq6bYahArfmf1AbiZjIu17QiqvaGbxhsgiM4060qf08s6x41tZvyWQWBEnJqozC-PfysuAGBSrnUOvL_nFqsYIgAWhiF3wD_MjQUCMfmAFVnaQtpd2XKSQKa7N3e5BbQi7MphdEv-T1axIrHP1X-APz4DcwraW6ok9ZxJ1UvN3DnPLEB1ByiJLsMkEQfMmYpMPPCQ-KJDY6csBjEYp2OP169HxfDGtDe-wrW3R9KrnYBKob_9iUYu1D9z_5qkzfm4-Rh1LZ2104DpH_tPG4m7qwJf3HyOyXPyVZc026wINuMzo1--UPnbpVlJhAkoatcGzncYGpGyisuLGsgiXEMZm2yW3iC0XK1omoecVX-l5ZnzIJVnQeaN4z0wWQEnTSFg47vaZUM9l_1tfpYoy7ncvZt9w49GaDBc5ZmwepnT6bZ6Z3H5zLStbdlIQzn6Vc_PpDFJ97fQtWt5W6nTb__qyrH7wcDwtkEjXdf9doMFXDxeDcoSmDKJCZHled-K4xNvTkNreIwMxVA37ZaiRujwI6YQoUV179zL_IWRjm1XKpmKXRusDdIcwXC9mQ9DfbhIF8j_lwKJJkcV-N8pAev-pPqHUm8dZZ49RgVkYSrYEFXvMiiEjZPbS9qn6cm3pCxIJa3MbwwxCpR5cmGNZzskRuzA8oJYGnd-Dy3O-qT3PM-4PVgg-0AQc_0Gl7rRAvUzzIOmMZct1I0vMhhuqv9UUsNHk9sXTRiscXZU8LdK6jW_i7X5rRnjVNGYHLF-1musWvkxbd1nKYAgRTh7TPAX1u8S7CsBP52PoBud6Mu75KOle30iwM2Tos8fYuB2Fj7LkCgtNhuuaeMe2lZ-BU2FZEaZet9SKC2n1khziE-KqmHidswCgAapM0rs2vx2tIvDql_pgPXjPOBabTEJ-aaLgjujcPpbCqqgJCVhhU1gwPvtiOCBqjdXHxwFmwg5Us3G7iuKQcSynfShcK6RM4EO4KECnCfS2G7Rput6x8jsK5ycTNKkhMNJv2gDXY0ITLdVMLBk_5UmqnnQ-8Ok2zTXnPQf9P_4SnEtxfMKx5CmjyHUcffLSST2pfTwZmj8pbFOvjik2U9XBsJVFwrVLuUaEutHT_254L2Gm2VYI1PWch3adwqp7lJsSTdtnOHBfaMVgRVBi47oIlHSwlyyoZfb2Bfy_L03B8_2zlSFTF0W7eFmuKk0XiFfYHx0tVSpNSE_QD4s3rkpYRGkbO3Sku8BMW7F0-olZY-qiQcSCWSbpD8VxHIjfUiTwR_Tb2uB_l5jc5JEBXbwgMU1Z1UrIsH37KdSPss99wVx3w5qKmS58Hcef4d-Nsv2qsstyamclSdjNWsxRG_mQKj2ypOuuFwtkNZnDtiTinDcNZtMaN5nXWMiwXEZzCwRDomQA5QuvUwv2jXB4uyf1Za0C9TNWwoeYwtWLJumveVH8n_21x2AK91ix1XFAkAFgxjWVdDk4PFdo8XRLVVs2Z6VZhBEH6tDOMxvpc3d-R9or_w-RdeIEwyA0Zd5qs-vU77I-LGkIV48-ej-ICAlD_WsHgoapBTF_H1nucc8xfENNR8-VdoVSclc7owXwyYwo_ZP0BOLl6lozPuPYCnEXlNfZROl4v-7Hoy4e4PZm8HR83DBgUN0ZcpvXd9L5FyHWgbEvHg2xyyjDJluT_VYZ58BlWuHknYI-xV9Bc7WPR2GLtWUslNGYSU9euFkKsP2-bMwyXg_0OEVQejrj4AViV_t7t3tgBZPcpv7r3LPfeJHOsU5KVLq4lc_rEvw3ldGEJBw4Kn5elxf2MNoqsm3tRsRfE052lqE0_RnYhg2tGnQEqXOEjnHw_T9uj88MGMGmka9_x9_2TJkJcclE5FUlgb7y-co4_GdTv78F7PySa66c8f8IQ4NeybyPl7ddrOP_nQWU4bbrQUWrcMsaMFinTkPLNK6C0LfQ9FxZY3TdUSP3jlmhG0fnzPeyErE-qPrtNz5Jliev7zPPardfz4X88A8nSXOJvbRGu771_CKLf1SWRAAaAMejLiVohs3nje1jSlU3S_QwmgBSlzY8jUHIE9fHlg_4xzomU_6wmvuWTIt7Jn_WeLolD51RMOcbOcQsI_IJ6M8UaGVw4XpjdLy_Lscqea0mj_g5g_dgIehtDaIkLD5QgYrYI5YhyHQol6sIfZcyQ9rtU_ZuA5u1OrEOK8eU5MXQBrrDIFtf2_22EjhSv_X2KVf4xdI65SfzydFMpscUh58wut9rUsPetdMMt7tOu2ppWyicK__tiiPKIzRIjrbWdaDTAJ8chVXs4LLcfFT6VZO38-SS7Bq3xwHMKoTTJmnLwanMs4HXndU5VeBHg93GrGP-wAEYC4iTJr3TjnKb5DNLrMdimDCPhUHCEIW6R9r4E7j8i0psxMknAtYWwCO0-o7BI58-XrqHGCad1Cs1QLw24tQuNWSncNLWm-isivDHNcDF8ONjjCueFIHy3GNeGxDNpyjttXQUYQnXG7v2FNeNA4Tt-t_Tp-_hF-OwFo--POt9zig66chF5jRjiitycU78De3fYAFQ6mjzkDU8uktCCKC5AeqV2A_3UWrchwg8HL3lACV2rHZPk&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiD3hWzKKMPON0MCpxDBsO5_7Ny6iS3JpXkwXSblZgGR_p09DzwGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=8407216993199261000&adk=2119884477&idt=80&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 4CF0 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwysVDTN0-O4CuLYMSF_GAmtAaD6gk5WTFvH4kzBGCVga3omsPO2w74g30nYReK8_KsFK8L-0frmCi4k4pj7DyuW3_6BjX4HvPpQbMkNYICJBg0wIpeQZB-oE9SpHHGiXXvjlXog4GaZDT2GjEZJ-zHOQNfnhqbs8qL1Z2q7qkqczCt-o&dbm_d=AKAmf-AhBf-11oZdPQUg-zDtaoMA69-7O8k2lQ95ysucGHsZjM2yi6lirZCOtHpde4XJjQJTk21Rh8WdYIenku0Yii4aX-OK3ow0TMHHqp4d3rPOlVkOm8MleMw2Tcw4pF68KxA-p6-zaNZWbI_6X3lcDWHAnXO5NK0nL85KBrAxKLctrh-9xt7e7J3xHuVAGZcbJuU-L7BUpGqimn6LKyhGR_iC7LrQ9VY3ZlgoIAv2HvMEvOJnkQ4Ve46o8XZvQLpp6Hr8sf2Ap0wENmykjoqm9DbjH50Xwm0sd2kyZiC3XBsW9_oXrhc80kmBRg25JZG8ITXUS56V1Va2VFErnDyEfTeu7DEyCkrkZfzFKnjL7NnOZPSu8Kqw4KlWNnTKx2UlL0v3bjzY4uImu06yBdCatq02bo25HRXN3_zoFk7N8rdp7IRQ4k4kmVUA6UIolH0D-LIeKKz-L6l_TRv469UsfLpgmlB7VO2eSZbzzxHK5IYb4t4k3mXpCDrERcEDVoq5cNelmeaAJxjlPFP7kNbZm5ehLUjI_RZL8I0cxyGicgJn90N65fx7jIziNYjspbQe8mISsIBj2PNEbsopjhhZW5fkxlsg8IWMjXXAfwWgOkVkzuYFgwOpKhJDEm_thK-_dcq-in-Ni-MfUK1L1ArIW340XWSyRlQ4a47IPiWimZ2KcwgTPdg8s2qqSZfI9ByOwRBSIG-ZsvXjU6H8b7AQUAihmobOxClDx73goMVkEODVUxNKUTtjwDLUfSNKR8eCAar1lZHRxqTTNL2k8_PalwgWHMx2nn_RkmpHHVAk_rkPKpOLfLCmNOFtGP-jut4ggzozuz9MhKC7QAzlWzjlfq6bYahArfmf1AbiZjIu17QiqvaGbxhsgiM4060qf08s6x41tZvyWQWBEnJqozC-PfysuAGBSrnUOvL_nFqsYIgAWhiF3wD_MjQUCMfmAFVnaQtpd2XKSQKa7N3e5BbQi7MphdEv-T1axIrHP1X-APz4DcwraW6ok9ZxJ1UvN3DnPLEB1ByiJLsMkEQfMmYpMPPCQ-KJDY6csBjEYp2OP169HxfDGtDe-wrW3R9KrnYBKob_9iUYu1D9z_5qkzfm4-Rh1LZ2104DpH_tPG4m7qwJf3HyOyXPyVZc026wINuMzo1--UPnbpVlJhAkoatcGzncYGpGyisuLGsgiXEMZm2yW3iC0XK1omoecVX-l5ZnzIJVnQeaN4z0wWQEnTSFg47vaZUM9l_1tfpYoy7ncvZt9w49GaDBc5ZmwepnT6bZ6Z3H5zLStbdlIQzn6Vc_PpDFJ97fQtWt5W6nTb__qyrH7wcDwtkEjXdf9doMFXDxeDcoSmDKJCZHled-K4xNvTkNreIwMxVA37ZaiRujwI6YQoUV179zL_IWRjm1XKpmKXRusDdIcwXC9mQ9DfbhIF8j_lwKJJkcV-N8pAev-pPqHUm8dZZ49RgVkYSrYEFXvMiiEjZPbS9qn6cm3pCxIJa3MbwwxCpR5cmGNZzskRuzA8oJYGnd-Dy3O-qT3PM-4PVgg-0AQc_0Gl7rRAvUzzIOmMZct1I0vMhhuqv9UUsNHk9sXTRiscXZU8LdK6jW_i7X5rRnjVNGYHLF-1musWvkxbd1nKYAgRTh7TPAX1u8S7CsBP52PoBud6Mu75KOle30iwM2Tos8fYuB2Fj7LkCgtNhuuaeMe2lZ-BU2FZEaZet9SKC2n1khziE-KqmHidswCgAapM0rs2vx2tIvDql_pgPXjPOBabTEJ-aaLgjujcPpbCqqgJCVhhU1gwPvtiOCBqjdXHxwFmwg5Us3G7iuKQcSynfShcK6RM4EO4KECnCfS2G7Rput6x8jsK5ycTNKkhMNJv2gDXY0ITLdVMLBk_5UmqnnQ-8Ok2zTXnPQf9P_4SnEtxfMKx5CmjyHUcffLSST2pfTwZmj8pbFOvjik2U9XBsJVFwrVLuUaEutHT_254L2Gm2VYI1PWch3adwqp7lJsSTdtnOHBfaMVgRVBi47oIlHSwlyyoZfb2Bfy_L03B8_2zlSFTF0W7eFmuKk0XiFfYHx0tVSpNSE_QD4s3rkpYRGkbO3Sku8BMW7F0-olZY-qiQcSCWSbpD8VxHIjfUiTwR_Tb2uB_l5jc5JEBXbwgMU1Z1UrIsH37KdSPss99wVx3w5qKmS58Hcef4d-Nsv2qsstyamclSdjNWsxRG_mQKj2ypOuuFwtkNZnDtiTinDcNZtMaN5nXWMiwXEZzCwRDomQA5QuvUwv2jXB4uyf1Za0C9TNWwoeYwtWLJumveVH8n_21x2AK91ix1XFAkAFgxjWVdDk4PFdo8XRLVVs2Z6VZhBEH6tDOMxvpc3d-R9or_w-RdeIEwyA0Zd5qs-vU77I-LGkIV48-ej-ICAlD_WsHgoapBTF_H1nucc8xfENNR8-VdoVSclc7owXwyYwo_ZP0BOLl6lozPuPYCnEXlNfZROl4v-7Hoy4e4PZm8HR83DBgUN0ZcpvXd9L5FyHWgbEvHg2xyyjDJluT_VYZ58BlWuHknYI-xV9Bc7WPR2GLtWUslNGYSU9euFkKsP2-bMwyXg_0OEVQejrj4AViV_t7t3tgBZPcpv7r3LPfeJHOsU5KVLq4lc_rEvw3ldGEJBw4Kn5elxf2MNoqsm3tRsRfE052lqE0_RnYhg2tGnQEqXOEjnHw_T9uj88MGMGmka9_x9_2TJkJcclE5FUlgb7y-co4_GdTv78F7PySa66c8f8IQ4NeybyPl7ddrOP_nQWU4bbrQUWrcMsaMFinTkPLNK6C0LfQ9FxZY3TdUSP3jlmhG0fnzPeyErE-qPrtNz5Jliev7zPPardfz4X88A8nSXOJvbRGu771_CKLf1SWRAAaAMejLiVohs3nje1jSlU3S_QwmgBSlzY8jUHIE9fHlg_4xzomU_6wmvuWTIt7Jn_WeLolD51RMOcbOcQsI_IJ6M8UaGVw4XpjdLy_Lscqea0mj_g5g_dgIehtDaIkLD5QgYrYI5YhyHQol6sIfZcyQ9rtU_ZuA5u1OrEOK8eU5MXQBrrDIFtf2_22EjhSv_X2KVf4xdI65SfzydFMpscUh58wut9rUsPetdMMt7tOu2ppWyicK__tiiPKIzRIjrbWdaDTAJ8chVXs4LLcfFT6VZO38-SS7Bq3xwHMKoTTJmnLwanMs4HXndU5VeBHg93GrGP-wAEYC4iTJr3TjnKb5DNLrMdimDCPhUHCEIW6R9r4E7j8i0psxMknAtYWwCO0-o7BI58-XrqHGCad1Cs1QLw24tQuNWSncNLWm-isivDHNcDF8ONjjCueFIHy3GNeGxDNpyjttXQUYQnXG7v2FNeNA4Tt-t_Tp-_hF-OwFo--POt9zig66chF5jRjiitycU78De3fYAFQ6mjzkDU8uktCCKC5AeqV2A_3UWrchwg8HL3lACV2rHZPk&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiD3hWzKKMPON0MCpxDBsO5_7Ny6iS3JpXkwXSblZgGR_p09DzwGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=8407216993199261000&adk=2119884477&idt=80&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4CF0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame 54F7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=huvvvpw&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:34 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
d1ac3254-cdbd-4074-8da5-d1d65d22b5fe
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/ Frame E16A 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/d1ac3254-cdbd-4074-8da5-d1d65d22b5fe
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=1208&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A0%3A673&aa=1&ad=1023&cn=84&gn=1&gk=1023&gl=84&ik=1023&ic=1023&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=717&cd=84&ah=717&am=84&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=1&tc=0&fs=203695&na=1868129338&cs=0
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:34 GMT
ev3
eb2.3lift.com/ Frame EEF5 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=37000276533921298888890&sr=1&uid=0&type=grpm&ord=1686929732836
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ev3
eb2.3lift.com/ Frame EEF5 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=37000276533921298888890&sr=1&uid=0&type=mrc&ord=1686929732836
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929733859&oz_l=4341&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2603 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
8879
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 13:07:35 GMT
etag
48472445140208031
expires
Sat, 17 Jun 2023 13:07:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6FD1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b34f7d4bc66fb594b739baa7d9bb4d6ec44fae94db60627b9384795e5cc1d77

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 54F7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74396
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame CDD8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6FD1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQkqnKx71OFubepQnAjrn4dD9N2mdajM2F6TO8KKPO2elTT4pcrVz0Up0jC5pXg0bAsM1pCVRnqcrcymHKyFyWNMW-r1rACZor3LZ9c3fCutWUF4AS6yq3Z1_qAII9NeetcHpUp9FsDAoFjT5SarTaFpgjrSgYMQV_WFCsZPt_ADK2Qu3h4m6JOAZKF5uanE4MYAaBJkknszPDU5-7VOIGLNcMiOCYlNLCkx_OzBG6qmQIhpFYjwjB2ile_7eQ_V8lI_YU135flOOYkosSbgwjeextseukGsEAFG9ziH7ofVMVmvmaIFAPZFHWtNlaiGLr6N7lcQFP7wjdN6LlRnRIhmyMPmZHulsQ0OZLtn00EB0utjD2psvCuxDgBO8GfC5IZEUHZtDNDu19K8xhn2Q0ocKjPhAA2-ElkfUKkUUaesWmPgFlqt8qhWMZ-XIFXtYYbHieCQNhiwVaVaCTXOPiDz-3pmJ__CESFgIJnyujH3h4FjrakEft5ALTSmZAqSZd0VqGsZ4HWWtRN8JTjMuBvaQ4SnqvX6sUamEdfpGZKwyo5_IhlDx5ZHTDCmEYj5FaLq4sPI8A1J8NHi5XZrgHcTkKplim13AbkhVd4jwMIAPciwv08FJGA4_sxNej5JvK3ugaT46MbD0OrNDtHx5U3nLpsMmjpGQIAoG1CiQEUIbYz2-AbgZAEnvsSMC-DAYhd3OuPhJVUsdvfB4D0hdg2gNTDMenEkDL8yM92h8CrkkqgfVSWRzhcI9PILp3f4_NVq0DlKxqdAPyUGWPXEfDNWX8oAUcG60dHjBh7aTiFpzheDxpHwACK-eDzRNEgsr_0sxEpW-gQwofp4nexkl3z-Tts1qzIkRVXYxDJ-5uqtaBSsoWOiwjpCvngzGc66cUepC2plAIYQO7z7m2l0Y888BB8_79EH5dWesuyhdy6Gq_BkG08VnL56oY6GjO4WXjxK8mvb0jmCZGUg0MsbEZW-yNf3K9L9PKgRPX8nRkafyoVFvzmp1tx20nafgWOOoSzwjOOiU5bnfhn1KMl2r781p-snBWicYEpcGtdC6Wo7PHw8atu_new0GYzVSINFhWNNXlSC9t4yEhuxVBRFO9YCKkNI_zObHhjC52srCZEaaAo_GGNzVGxQrXEAnByB-gXfDPV_73XamSbdpSGU9BLU21KcsoFSHNR-MZ9zt_pFjt2mcL-Eqm5iadh8xwvic3LGDLQwXciNogvTo4NgArxIiXUDRCbxVIcWiSE-iefhuj_2U1tLUh6g3H9-EBzp6hNUfRER68NInPEMu3Dk_toxP4TNSfl_OOyV6_AVpx7WO2Fg&sai=AMfl-YSLoYgDdMBGW-Stzy7vYJfa88kLH1RVhCIU8RASZhihL-OSSZuAZxaYbVYcS7abhQARqpt6M4XXuCCNqD3ISvPimMSJDNL2Yj3iGeC0GdpB5JzHkMKyH0YUd30KvORlF3qcWtxJfnopPwIr8aXmEPRt5r4iKZM7wmq4Sl9MVxUjC_q0Ao74CcuAI4oCrsGPnRlBOnpX3NmHVM1fl8ELF-M8UobKMyZQhvP6RqxDoxFB60ueZVZ_Bp4QvdTcz-X2cwiQywIjIirmQsfv32j_2cdu9dqWEV8a&sig=Cg0ArKJSzJSXUPrKmUgJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=458&vt=11&dtpt=456&dett=2&cstd=0&cisv=r20230614.27322&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0J5-5VcgxcNigzkcK1YfDpnXbNZnpX9tpFZ1Q3I7cmpzNhcHUzVLN8HLdIosPLY8VPmehIdwB9r_gaAf1jZz9hRfDSA&cry=1&dbm_d=AKAmf-Dnr60Ut4cf5D6KA_2-DULt6JN7BtDG1QejKN7_QxaoFBlrCTcBpfutIjNSqAfgc6aiH_gU-ChjvaASoit53-VgZpSNZzSe3YJ0vr8Q0lWo4IfEXLwId-tEPHDIbKqz3f48ZE6FwyOeMyaVLC5jR3JjHuWdiBzrsC2-ESR14Zl5msyc2fkJWhi2Ze4ZwxYpZRZiBjVFnd6_5Or1_rhq-iBS18vGE4v8HEKMdgpEYMPKh6abd1ebTlTDGt0eD7uxtfXVA9wfR7NYmJhKP7Ez-JkSvgRvvfnu09eQhj14o7EKk8aUOiommKjOBARcQ-gmiEjxhJM9gAXrxpG8NsUR60jHBpA0c4leymyVo4TH6jikAdqidkviyrsqMd3Sk1u8IqCUbKu-a_-R0L0QwU_STzcQZBotLZAanS11tx50HmSrVl-4QcpXSY9j_Ae5PxlCbmhTZW78vbYZZRw0slp1jreo-dz4JzXMaB3qf5olo-rWXIpl6LC3s33_-DfeOGmTz7b50gHBe75DnuMZVckQvP7AWCocXY6N0F_V8_HZPRCIsQdh_hU2Qmdeiv9Td2OzttxaIuhsVhKJUYhGRsTdLB8K8TDHWifaI5eeOnV8Ig5lqJTbxHMbrzuTI-2BfpEUwXkQaQNIjYIYw_4AFNd5KrU2EC2-g9MLGu7AQtVXVCuGSbyR1kEDsUNgmAPUd377RDm9LfUZ0EsxBPjPU_ahDa6qTl-07Ae3TeB9WU321v_1GphQD4UXCaGQDbS-8Nnvkk7HPAjHq75ShpCqyzFeEAuk9TYCiGQbe8oLxqOt85jlCrfkT6weHGhYY9m7C7anVaaNOy2PODPC3air71zN6v44RWTML0EqgVmA12DsQV1GQQNl3R8LzfiIc1_lPvVf_DOYIqEJ-peXct00Sbe6fGUf72qiuE803mZlX_jTh4QXGC7OmkagaFQ4fFh7BqHgjzERm35mq8T6hu1OKNX5UoKCCTqvghGhpwO_2TzCyzJhvS9HtvqmV6jjPT-eyy9LbDSmQKR6hHfxt7dkcUk_Tc6HmgAKj3nd7LCWW7W-z8x8D8iTfRRWSmgPY4nCJqjwoIFgnFgj7BhGmM3jw-uh-qKBX1zvmfWVchlxQZz9T8jT_qgBGTfaaWB64om7iO0RWDRYdzPkgdcdfTZlla2EV4DPFiaW_-N0xMECgkXZltG91kuDUODllC3Ar8yUixS1BlFP8eVmuVD8l1eK-MBcALJSQV6A0hKuKn0zc485kPyNYgYXXH-p3aLL9ctgc63DJ51lDOQKxj6PO2RrHpseEC487xlz3Toy7zC0wGRJ38RMJ2oeGPwWCp2qBhVe1pgI_GqO0UMdWtwAGto0xNcx_hvBkFKBWug1yyIn_z3el55VAFUVHPz72gIFc7pl89mWqDEPH1Lzi4RkeMWipfpAyhSQPlBl2gDEKM7YBcb0wust9WtB6JBnzcz3n-pKwVddfuPcYQmmDRVEr6ySdXLcfx3yqc9YHSJr4KFm0LQaNbn10xOfJQJD0RCPNDY2Li298AiD-DulSeH7c6itoBar3CFRMEiivROGuyXt-V-tYuz0FJMnvOGTI42lb4bfXo3N6n2UAnlZgFHwl2jOnvQ3gMtefCxibjgf8oj7lNtNvrchUQz9PG-o5qEL935_UQmX9-0qlg6bZAgEj3gDTSo6U07RECrz28-K6gox8zs3UgtmtEzdMmgx94-sQr4PLLCT3NKTgm9TvJlXqCCH8LdbjJ_xIvXjJXzqhFv8-qi6Dd0pcrA24oPlqU9zE0Jy0GSPfAj9Jl55D0bMsFn6zT6go0Nc_ySTUMrDteuNowh7loJ3aWH6wsLlfmqdibdnc41RTDKv6hHhU7F6pRnPLU_QISvyvE6SQVxYasLq2483h9epPJHx6DWAGLHKcz7kv1_kLroaqyl4ljKW7yn7AwauZfPkqr9IqgQM6l9PPZA0w2KUpTTbaQuYqcuWV63jCBgnCvEsj-UK6uJwh2949lLC4QxXTwZZK13s199L8dUfZvpBHNdLcrN9crv3ntEvKDVeKRQ8fuilA5TRoAcX-C1WS2SfxROTS6y3AqCPUgSul3_sxcuqlKZ4xfrJCb2LY492jMuLUOh6uLYes0hipI63S9mYI0bGRkKlnXsRLSxbiQPpw7IT1j2iLWN_TrMn9PjclIr3Yov71yIufa3Wrn5KURZcf0cIceUc26qhHm_Yv9NAFBDsldpTzgdS47REgyP6RmOdFEt4hg30QpseF5rv0KDDaEoOe3k3Iw0P70l8m4DLTKq_KVOkTctbDuAGw9N8NUY-gYDVf51MzjfHPvM82M9ZG2Lh6V17GYP8F8tC3l4SlGnfJL47cTx_AWNJ3vsmoCYry9SJptAmGsY1TKujMDcwROxQGcKkD7kcfiS4YoVcBAEuJN7kN54zNcuVXi9sux9_YwR79zvaROlighkS0t1tUMNo_RiJvM7ew3mBegigLRGJvSa5e7YhsUT1bqKXmdtFZWeRw6rP_0ltQ4v4aHFmtIa5yr14Ba649mvlVyA6l9CkeX6e3jfGgB2eDYPcDzvppWuLzy7-NxWjCzg0BaXWgx28OdDYxjnV24Fq4zK-MTDZ-YNZF1ENzXWKNrPugyw1LUXLK5mNHJeIH0GrcdOv--vz2AcvfQ_858caV6m8LW69T9NJvE85dF0zlW6EZOYEy4a6qSqsp8c0TKYNaHxGlf1VXClpmC4PKyLFmcRa_89-TiDvlSNs6bwVf1FvdJzK_kcsRoF0VnOXMXnkadK5XTY9sMeeBnLr-ztI4Kh9fkQcM-b5i0VJy2Tthkp8ubAiu89F6E83i6T_RPC4o__x5laRCCbZznghH4-FgSbJd53HH_I-uC_MfoZXlWjhvknU2BzURGzpeTCEVHJJI1orA1k6rbw0hF6uUzNgy1qYkfqj70vl_b_aBhXaNNspFJq_7FYH10dId1jxPOH8G76fB2d8a2qRR6XT9HbPhv7chvieMo56Ngr45gmQ7qNFTRhBvChl8ER6nRz3EjjjQOmCehxzCNPNAQF8I8nf84dZesiJW4w9bOOPKkTlqVDiPb_7AVwa6sJu01QJqqQqeEZQQzkayM2ktAl4S0aqsRyewD2DQPvINAQlOBuEd3DqpoqdXPKLXtXu9UeNYIrNijE8KUbce3TsUgGK5bm1CPw95MFaKF1VvR4XLqmVBIv7jMoXdQ_7OVzjXS2KAazBvnF0t_Uqeo-gLjW1VWQWR95xqdKt8GrF-SZkJlvaejQ4rDPUSFwKUe7_1ze-zrn_IRcVum1OX8pK9H-caDpLAbJtsE7t5kgY2uE12XI_d6SHg05cNY0IuHoue_3YxkoROEdmSozZmKXjXZpvmkzTbdJMkxoo14zKwKkVwbtORFj7vTDu5VuB9cFKiHfylOiYfGcf7W-tHw&cid=CAQSPABygQiDl7ZBT-dNvNP_Fhz34tKwW9Mk7AtkbpLaD90pK-mQ5Tp3c4jt2BylvHHHBWG4YuscmtgGXxKCbxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br&ds=l&xdt=1&iif=1&cor=1845350794517337600&adk=3507907208&idt=127&cac=0&dtd=107
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:34 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8779 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 8779 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUxPSJgUy2V19iNWKIp8w5EacNSm2DaeW5D5R78Eo_UcBzWYP79R0MfWy7bkcgkWAWbhR71nonZBiNERDEu9KgvZJ8iEQmMlpl-_gbE37UehSKIlZ4LCm3KoS7HVqjgju3Pm0bMmwHs6QmzvXT7EWIOilk9nXugxdE5azUC3dmoQtec9Q&dbm_d=AKAmf-CtUIlsVh8zoPcWlqUgD8QjthguT0rhr88Nqi4FjuvhKO1cUd-ov-GLw1st2zUpML1Y39fXrUTKyTf5haV_89hlxQPB4J_yuZhS8ar_eonZAgVqYOtCJ9l8cFeXWDD4TANDgu3AvR35rOiEbw3J4PWuJZxkS8ZXZ-CDPufTB_dej_erbXjBuPQ_BGIMfUHgF4umYkOGKhVZulqMxfgIvyvm4vfeFqu3bbZLo4yGstvOBp_BXhXqtFJAdJzyBUmTdPntlO1DmPjT-HjP-JHUqHuAlOzTRuNCBWaHg1QNxJ2YKJds9lCwMa0fpo-QeFn3xcccygarQtzG7IK2XpBGzXsjmc3LwUKgny1jQVLHGAnKQZkGpb0SOz2kCh_noJBEJVsOtVqiBV2T0c9GIykZ88rDULnmAu1nctG7VJ-2YiKSKl25A8c-kJgnbgn5g9Ro_0ETQ_rmQITSQ4Sh-tPHLjC2KKRwZ-epNdelEyELr2mEwkvjKhSsBjuHdBcoGTZvwhCcp4NHf2Dkg4sNsNCSFX4FEAX06qbv17q8cziSWW6WjMVEFMh3s2pzmlk4MRnLW1e0_WCYNu0FRhXtITEcunh4-x4wMnHL1Z1VnUagmf3-JIjqdZ_WG7p84TUyjd8yos0xr94HT8gItv2z0NctRxTfdVMF7Ck-TC36Co-ryhNqwmOe5N20HgfxJLu3aPmZVO2lEQaB3E5Q81Rx_0saJ-hfw7LskICEWDwDLso4GGE6SX3a1jbYjduadq9n8NkDTqWkQqX_3Xr0Sa7u4zx1FCb97pJv-J2Uw8i0EZKUno8LGG0_befNQrBGVM1iEr_NdW1DhBs52_V1rJnQQTt0TdDegi4JRFG877Wk88un89U97O9x730PNHYjDy_f3hPSSo_H1--B1RwDxSMG2OZj1Wne4Qb_QiBDWnCkb76s3suMty_MLXFWMeoGnfdLlc_W6hBifizx2RbYHQyE00nXU26wpKtnBgwHgkTJDaXwVec3Jt77sCDu9TMYk5lVHoIvjEgvdxkLH82juZ1E-oOKAjgjLXU-6Y0WLbMjuSQp-SIJ62vJGoTHJnAaj6uCn7400aypEKqeU_Zj_R9ADBtv1oV_vbRpUDib5hVUb_8qLRYAi7GB1z6iz_Gkm40rzuhFCDlQW-4VVkY3hm1HTJs2rOL_hPgrkVOj90pS6LQWwa0v_M-oxhxtPjo7ixSxiVQZqnioCq_zoUUePRl7cYAsjMSwqtlAh2onJd-acC-12SbdUWA1AH2szbpq5j-VcKfdsrJfYNj9w_ZDh3reSN2lWSH68deUKG-xW0Mh5jOAUX0vsTgXISweIxc75t_FBbqUGWAluBpCWGYetHNuBTQ079gn_P7nxR6_B-toDbVbULHe4eRe0xOaTkRSwaXjsRPj7Jv1sVW00tBlE-WZgJe3KrFnjR3KI4_8hedPOK_hPB-6AL16ZDNkSuyLcAqSYzmnZ9t19aZzhdKrjUKbkPUusAMOpq4Pl_i1sXH3wN8EzS3B4ozL7dOn2Fcvzwdl9gA6eWRa-saC1dP8MtNctt7_PPB_ws3qfyQK7BHQBW0TvR5RG9PV56mEbGzKv73yz3P02AAthJFnRpWHJha_2Bw2kAgfzSvqRt6-ifpjgbC-adHHC2wORQM6uLOsddKCmHOYBk61-gKYSK4t7afAiOUQONVCANdQsEvWRJMa6DsiayoBBZosEOJwZPOIz79Kz-CKzsa83AJ0XaU_DexaUIaxh32q0NSLn7iDfglbTeMiYNraWoowgdl-5KXt1KMIQVg7iGAiX6p_Pi_S0hvleOtSzebIsr7b_Q7PgCqK9UvUAD3rGqOo4T4F6YuX7wv5adCPJ815TN2tTit5FRlqNHVw1xvUl3Zj01aW4cUsRTaI_VjqgpUwgeUjlAxD_BOMW39XtRarN7PjBKDfZAqS-0eh30M97psNYzMjTfohKNx3P_NiiHvx6bJWq58lMacw5fg-vLO1i6VUZFwaGyF04ifwxsvXy-NJ_cws_fFZ1igYyIyrCjwgyDnYd8e0LGkgZbnHPEdhjY0UmpEoVntio53FqJFzRGvhCX79Cb-gXJKGWC00KS44dRT2PxGw3mvRCphB8WL3nNbRI4S6vYQvWl8YZ-1ka0pMjHmE1QtZWrkdCSDkIz1ihJ0QnQaxxnUmaWaxGdgF872kjEKo6-C6u-m8rY7icP1_VL00G5l1-LlxIgtvyuFlwCYX3nKP6FtnhGBMc8TkZp5FJYPzSRWyQK00_XzT7TO71HbC6PhMfk-3DVKVPBvcRbrjXiq95Nd0880YJrqsOTMaYIHwxpGimj_mrEa1dnNmn9LrkAHOa7O6p3m8KJlart8cgFozBpdgvBo2lyyz7h2zXSLvMxccLuYjksD_v9rjBDp4UYjFYqWpIApUXKVwO2EJQ6gP6mNGPCsdYjzmEv4_CaeKvz1wr-uy8zrqN-JIvygsKJaDhEMel86sAXiaqIZBnNkUH1J-43T1-Soz76w8iO05opoew9HbtYkSpkyEM_Gnp5pGR3LRLHXcMUpmY2SWTz-9zEUOpRkc_-sSoCkg5tOiyKwRRdwzLvJLz8j1XqWaQx66_CgVoUVfQGYSFdBDUtNx8DpNKrXzTU8U2ptxLfpnLVV9idh_pPDSa935-i6OYREC6rAKvZe-6ymfzZ8LEhQHTLPtlA5yTC6vXTef0ics47f04axXOMkLJSo3bJPpNaOAYn2Uo_qJv0jWTM_4DVR1pV89USNZPbvmX6WdoGG8lGWQt3dKG3kW_Nr_XsxZ1A3DSn2Cew9ro5vjR3CVJG7AgVg1wPwkOPh9U0lhuqAYFMXybf2iJjh002CKAyHD4Xt61kZhVCDl7bFa8ci2Rk4_rqq3GtfqWdXOwIN1hXwmDQNZOhgMUNNU9BDiRAaKqHTbHKjzBb3EthlctWmUnCw-buRUdSy_slV_tU6N-i2vzQ0mRnpI6e29uZeTlDlo34Q45Ikx6g3YcmJ_Exy9nrAYXZwBgJhylA6ofOBwcGLrMsaA5p2FqASSICJ7IoEXxQF8GZgLDZWiOhubyIbgAVYCgf7qLkk2nqM1u86k13ssd0mOcXvEQlTRqy8ESocAjMQvWhImIAQO19BQ0OKCpU69ibfuWier5Kja-XjlkNYQoemeODIay2FxznhaO0l75nUabQmotPttpm1u991LY34pMUd089Qo7cldjbELbvWEPtjf1-Idps13NZjYkF6m4M-9NeuyzqE8H1aRATOhkYk44kJYjSKFEAmTMfRqK0gVuddK8qKjTwk4eofQSLH5PPE9UgCy9pa1MYOtbOP_Bg5SqNCp6HGpkvHlnYoZpxGUmS1qZxXpc-Uyudzf2ixMiftTNu8AX8COLUPDhjM0sQbGQc4pPMCPOQOqvvak7LkWxhxxJqF1Spo2TDYssmTl0T0kZNcGDl-0-6DsrPs&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiDTOc65N7ZUjZDuAXlqz6Tt9qp9HFlO2tYgRP8OQMIygk9V2laGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=15107947211301724000&adk=607433789&idt=90&cac=0&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 8779 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUxPSJgUy2V19iNWKIp8w5EacNSm2DaeW5D5R78Eo_UcBzWYP79R0MfWy7bkcgkWAWbhR71nonZBiNERDEu9KgvZJ8iEQmMlpl-_gbE37UehSKIlZ4LCm3KoS7HVqjgju3Pm0bMmwHs6QmzvXT7EWIOilk9nXugxdE5azUC3dmoQtec9Q&dbm_d=AKAmf-CtUIlsVh8zoPcWlqUgD8QjthguT0rhr88Nqi4FjuvhKO1cUd-ov-GLw1st2zUpML1Y39fXrUTKyTf5haV_89hlxQPB4J_yuZhS8ar_eonZAgVqYOtCJ9l8cFeXWDD4TANDgu3AvR35rOiEbw3J4PWuJZxkS8ZXZ-CDPufTB_dej_erbXjBuPQ_BGIMfUHgF4umYkOGKhVZulqMxfgIvyvm4vfeFqu3bbZLo4yGstvOBp_BXhXqtFJAdJzyBUmTdPntlO1DmPjT-HjP-JHUqHuAlOzTRuNCBWaHg1QNxJ2YKJds9lCwMa0fpo-QeFn3xcccygarQtzG7IK2XpBGzXsjmc3LwUKgny1jQVLHGAnKQZkGpb0SOz2kCh_noJBEJVsOtVqiBV2T0c9GIykZ88rDULnmAu1nctG7VJ-2YiKSKl25A8c-kJgnbgn5g9Ro_0ETQ_rmQITSQ4Sh-tPHLjC2KKRwZ-epNdelEyELr2mEwkvjKhSsBjuHdBcoGTZvwhCcp4NHf2Dkg4sNsNCSFX4FEAX06qbv17q8cziSWW6WjMVEFMh3s2pzmlk4MRnLW1e0_WCYNu0FRhXtITEcunh4-x4wMnHL1Z1VnUagmf3-JIjqdZ_WG7p84TUyjd8yos0xr94HT8gItv2z0NctRxTfdVMF7Ck-TC36Co-ryhNqwmOe5N20HgfxJLu3aPmZVO2lEQaB3E5Q81Rx_0saJ-hfw7LskICEWDwDLso4GGE6SX3a1jbYjduadq9n8NkDTqWkQqX_3Xr0Sa7u4zx1FCb97pJv-J2Uw8i0EZKUno8LGG0_befNQrBGVM1iEr_NdW1DhBs52_V1rJnQQTt0TdDegi4JRFG877Wk88un89U97O9x730PNHYjDy_f3hPSSo_H1--B1RwDxSMG2OZj1Wne4Qb_QiBDWnCkb76s3suMty_MLXFWMeoGnfdLlc_W6hBifizx2RbYHQyE00nXU26wpKtnBgwHgkTJDaXwVec3Jt77sCDu9TMYk5lVHoIvjEgvdxkLH82juZ1E-oOKAjgjLXU-6Y0WLbMjuSQp-SIJ62vJGoTHJnAaj6uCn7400aypEKqeU_Zj_R9ADBtv1oV_vbRpUDib5hVUb_8qLRYAi7GB1z6iz_Gkm40rzuhFCDlQW-4VVkY3hm1HTJs2rOL_hPgrkVOj90pS6LQWwa0v_M-oxhxtPjo7ixSxiVQZqnioCq_zoUUePRl7cYAsjMSwqtlAh2onJd-acC-12SbdUWA1AH2szbpq5j-VcKfdsrJfYNj9w_ZDh3reSN2lWSH68deUKG-xW0Mh5jOAUX0vsTgXISweIxc75t_FBbqUGWAluBpCWGYetHNuBTQ079gn_P7nxR6_B-toDbVbULHe4eRe0xOaTkRSwaXjsRPj7Jv1sVW00tBlE-WZgJe3KrFnjR3KI4_8hedPOK_hPB-6AL16ZDNkSuyLcAqSYzmnZ9t19aZzhdKrjUKbkPUusAMOpq4Pl_i1sXH3wN8EzS3B4ozL7dOn2Fcvzwdl9gA6eWRa-saC1dP8MtNctt7_PPB_ws3qfyQK7BHQBW0TvR5RG9PV56mEbGzKv73yz3P02AAthJFnRpWHJha_2Bw2kAgfzSvqRt6-ifpjgbC-adHHC2wORQM6uLOsddKCmHOYBk61-gKYSK4t7afAiOUQONVCANdQsEvWRJMa6DsiayoBBZosEOJwZPOIz79Kz-CKzsa83AJ0XaU_DexaUIaxh32q0NSLn7iDfglbTeMiYNraWoowgdl-5KXt1KMIQVg7iGAiX6p_Pi_S0hvleOtSzebIsr7b_Q7PgCqK9UvUAD3rGqOo4T4F6YuX7wv5adCPJ815TN2tTit5FRlqNHVw1xvUl3Zj01aW4cUsRTaI_VjqgpUwgeUjlAxD_BOMW39XtRarN7PjBKDfZAqS-0eh30M97psNYzMjTfohKNx3P_NiiHvx6bJWq58lMacw5fg-vLO1i6VUZFwaGyF04ifwxsvXy-NJ_cws_fFZ1igYyIyrCjwgyDnYd8e0LGkgZbnHPEdhjY0UmpEoVntio53FqJFzRGvhCX79Cb-gXJKGWC00KS44dRT2PxGw3mvRCphB8WL3nNbRI4S6vYQvWl8YZ-1ka0pMjHmE1QtZWrkdCSDkIz1ihJ0QnQaxxnUmaWaxGdgF872kjEKo6-C6u-m8rY7icP1_VL00G5l1-LlxIgtvyuFlwCYX3nKP6FtnhGBMc8TkZp5FJYPzSRWyQK00_XzT7TO71HbC6PhMfk-3DVKVPBvcRbrjXiq95Nd0880YJrqsOTMaYIHwxpGimj_mrEa1dnNmn9LrkAHOa7O6p3m8KJlart8cgFozBpdgvBo2lyyz7h2zXSLvMxccLuYjksD_v9rjBDp4UYjFYqWpIApUXKVwO2EJQ6gP6mNGPCsdYjzmEv4_CaeKvz1wr-uy8zrqN-JIvygsKJaDhEMel86sAXiaqIZBnNkUH1J-43T1-Soz76w8iO05opoew9HbtYkSpkyEM_Gnp5pGR3LRLHXcMUpmY2SWTz-9zEUOpRkc_-sSoCkg5tOiyKwRRdwzLvJLz8j1XqWaQx66_CgVoUVfQGYSFdBDUtNx8DpNKrXzTU8U2ptxLfpnLVV9idh_pPDSa935-i6OYREC6rAKvZe-6ymfzZ8LEhQHTLPtlA5yTC6vXTef0ics47f04axXOMkLJSo3bJPpNaOAYn2Uo_qJv0jWTM_4DVR1pV89USNZPbvmX6WdoGG8lGWQt3dKG3kW_Nr_XsxZ1A3DSn2Cew9ro5vjR3CVJG7AgVg1wPwkOPh9U0lhuqAYFMXybf2iJjh002CKAyHD4Xt61kZhVCDl7bFa8ci2Rk4_rqq3GtfqWdXOwIN1hXwmDQNZOhgMUNNU9BDiRAaKqHTbHKjzBb3EthlctWmUnCw-buRUdSy_slV_tU6N-i2vzQ0mRnpI6e29uZeTlDlo34Q45Ikx6g3YcmJ_Exy9nrAYXZwBgJhylA6ofOBwcGLrMsaA5p2FqASSICJ7IoEXxQF8GZgLDZWiOhubyIbgAVYCgf7qLkk2nqM1u86k13ssd0mOcXvEQlTRqy8ESocAjMQvWhImIAQO19BQ0OKCpU69ibfuWier5Kja-XjlkNYQoemeODIay2FxznhaO0l75nUabQmotPttpm1u991LY34pMUd089Qo7cldjbELbvWEPtjf1-Idps13NZjYkF6m4M-9NeuyzqE8H1aRATOhkYk44kJYjSKFEAmTMfRqK0gVuddK8qKjTwk4eofQSLH5PPE9UgCy9pa1MYOtbOP_Bg5SqNCp6HGpkvHlnYoZpxGUmS1qZxXpc-Uyudzf2ixMiftTNu8AX8COLUPDhjM0sQbGQc4pPMCPOQOqvvak7LkWxhxxJqF1Spo2TDYssmTl0T0kZNcGDl-0-6DsrPs&pr=8%3A81198B6BB98A1740&cid=CAQSKQBygQiDTOc65N7ZUjZDuAXlqz6Tt9qp9HFlO2tYgRP8OQMIygk9V2laGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=15107947211301724000&adk=607433789&idt=90&cac=0&dtd=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8779 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame 9275 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=vrdczbx&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:34 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/6720283131112325120/ Frame A79C 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:20 GMT
x-content-type-options
nosniff
age
513194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:20 GMT
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/911325707060117504/ Frame A2C4 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 03:55:02 GMT
x-content-type-options
nosniff
age
214832
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 03:55:02 GMT
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=1209&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A0%3A673&aa=1&ad=1023&cn=1023&gn=1&gk=1023&gl=1023&ik=1023&ic=1023&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=717&cd=717&ah=717&am=717&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=1&tc=0&fs=203695&na=599070268&cs=0
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:34 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 90E5 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Origin
https://nucleads.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 90E5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQhjWZZVxpAnGJXtrkYaKjqxyS_HvRfeCoedxfT3XjbBhjUUgU-5OxcnYmXlO-YEklryK6GawVM8NTr4nTqqA2Vl4IkGND0lgn0KtAsZN9ODJJVcZSwUJx1BULyYlv4LtskkwqA9nwp5KpbBBX9aqgPT63m3XJ1SRLIw9isBLdh6QZOE4&dbm_d=AKAmf-Auc4YewtcY2G3oqmkby6axQrUAIQpm_wg59AyjBoOV6Tpvrt7SuM-iqR4SvzZzrAKfRBZpJ-HdJpTMzu7rrOG7DwZv7hPf-XS693O7YBb49__992XtLdLga7vE8ZGs7yPtq26ffuGquf2J-q8fzlnPr4S0tovZ9kOUYIowxEV8W9oJ3CksIxLX4hNFaXcnDK78I6XbZUeIR8HFqm-L7ZE-r-Ik4tDRaXqXuNhPTLVqBxik0dXZ1NjRWUv60M_0th9F_5dDBCKDdSBKpU1ryRmCEo2XEW-oFih2cJw6JymKKuwT0nDPJKOHrUZ2HWRv_QmSIpWvPtXGJd6OL4qjk4Ae00vY6-MONJPTZHE7cR4l8ESHqpdkjalo2A7RkwXi8cFFiltOh6JI5HShVgLeyefv1qessq8t7TozaaIGDnt96Z4lYPSGsIq0ym08SakDOQ3tH5JUO7WvbkMdDlBxL2vTj9CNeWeD4rjwSxYctLVZvNdEgLN_0jzFAW_OjGq5aOmE__ZEHTJNe9vFB36NP0-drs_tY7gHaz-jbNqR1vAAsb7S3_yM1xn_HmM0VPdoc8GMl-2zWgLRuDo-0ZLex6z1CrfAwXekRCGInpibRluzbAG-28IKm7q4ZlRfDfAwRbMcG9zbq_qMDXj5KawtOKWgn1fmTGxSC9--gvfm2hqiXx0u8QPvo_6-HAFqyA7F41Ue5hPVVhYTajitHBFqj5lGLJQmwJRyHj-Y-6On9kzLD3EXUnDiiiEQdI93kTS1oYHSmk_yoeCfA4NEvC4FOt_Am-o1fDcdq030wKzBrHgPDfDuMtNNO4ej8TdyzB8qTIPpxKF6a-Ku7h3ux6ToPiJga0GEVbbO_VP205lx4nOzMjH2jBVwiDWI0iFc36pOSKlzVxVIZ19Yeb2Hsnqmz1Ol7q4mgVbFlUwmCE-Sn3sUAuYVe2HZ1zgSS8o8W5WCNTPI8k16KWVM0GMP2GUABdGva3ldyvP0PCCO1tsgZWf6c_Rk8b652SuId_xD_bzG2GhJykbUJTY0z8ySsLbLWEfPpz3J88WTg0SIMSUngS6-jbzqXR8new4b4iHZao7VmsjAaVySMmgKArMhcN7mA1nDJtR4zEnQwHtACZeritVa6HfPeVXYYETj4tB61qaEzFNuyqyJ6TJ6Th9uSnjtd0MQjxwGIWlEkvHxeIBge32AnFv5Eh3ZzgwfIt_u4TgZSIVlm-xILxRAXROzXgYM4YC9eN0WwCDO8UPc3iTtd-eLXkZtyZ5znoZ5CS8i_sKAbeKNyA8vHewfn4_AFtvkk-j6ZBkmR3nJJowmdNV6Niv-WxgOcr5WgoYWyR7blC9MQJXVvNb-BFr-SkqcLfdqFXkQSCuOROeDC2CsKdMeNZbEURIl0gS_4wjC8qu-h7tcs08i026RVf_L978Qn6z3-wk4hgQr0Dp29rqGjGh_LCPytlNownmhUVUhj-WlZ8XxMjDisvFPvKMkLVlx0zwWKjbXL-WYg2jQF_GnCSudXmqycuZXrTdOSp5leGUF_M_BZQY9Z3HmKqx14vFae2fNIclSVvyPi0ykEYzLKTo6eXo8lZZB8yu-Lty7DORuk0pUZ_tDABFaAKHfhSTGe1G4Nljm3xLuwlAtAtz4_PJwyUSAMa4nxkkxeylT8TnGjAXr06a2nhcLGWt0vA7oJikzISY37CtjN_vjQRzHWMSKmAOk5p7wOiF-CJEnRoyvjtw4MdMeHTOhRb8TLlpFLZNmQJyZRI1YEj5_82BzmwD7O9TgZmeWO9smfP52QCJR82ul2ou7__opK7fFk3yQJT_GjD5U1crfwes_ju27_VQH96t7wye4evvcFvJ_VhaV8lazu87E7KjI73_zrECldQ8oG2AaYQFYzJdRg-0JgNkCFf0jUXXwb9HefTLc-dKl2O1mc9f2UUFoTEauIODWOqdWxNHvuGRzkSgOHZ3NCRQQUXUW-JWeUtndlPk_1JPLeCATrp1bVpOcMhsu4i_aKgY-aQPDzFoXTMze_6hlUCTuzz2GE8dikHDdLHJZHl0tAr4yXDt-49sv0WGc7i3374dl7geqPvryJILbrA70-aHDuB3pBxRSuwTIqU8pum0SAzSwLBGfxs13njuHvdP06ggHRiKn16K95OmLaWJuSFegOS7rCjA4YQqFnCXVSxn4Gxeuxtd-PzTt1U1jGFL06Gbg4cJLa4YJj_abjz4ziKiFE8Yh_areveuyOEO5IR6vgWvGtO2a7yUHIurz6TTXkiFSYf9OB53lbr-2AX3Q48nLUr-gAGnA--I-QQq5IsCKxlw0TL-WWB0BaHhXc35E3Z3r0eTSHgVETc-ey5R4Bsghvjz97U3G9KaEHbqYlZ4EbvnB-qU3T16Rfbui2rFne9m0qHxfk08KOc72u-Zm-f-f6rzbJtPTN07e9r8RgZ-3MZt5tHSBUC4BdtP2h2Z1-j2CW_ykx3HHTVom_qSnxN4G5_PL2OY2rFTT9Ob_bjptEuHssHvZ9HxHhogbpWWUgBcU-vKUFps7Dux2IjutHX2DX00Cf__LLpeQWDSOufPT5XOH2m7y_ayi_-zq9m8tldQ8v1rjUaebpwXJWW_SxACAEMCDL5w4fEtmslQTz4HKXjUf02DHZfIS9nNfkZFc0uW0gmoieXar2peEZ5ez6NKId50CRcq8AS8HB1bp3uJv39kYL1DntweocSNG8bXImF0Oam8bxDXVDUNMUMUWCtCFu9TT_Oc6eGVTj7xUYPR9ojreIYFCMC3n0CsOev4PH0NoI-T8Me2p9Zo000JoqbLe1vZGvmbGKh6xDdh4aoerkRUmA1PvMYzOCR8WvK4uZYRcg9QMqkFPdZHGnz0mNVFqWQXqhy6SRkCRT1_0ltbsQyeBnDvFAR6YBnYdS6pKhMfWLLmjtBlYB0lPedHBllUqnKxD6xDBDiEuYd_Kzr44LRsYi7GzXFz7QIPqINsbB2qFWZn5PNUkpe3nEC_mMLaSVb9q_y7Z7TeUXjxfRybJwhuW1cvbc6q0tkWdsMXTHBejoIgGJy7OTiYOihgHsG4K2pSDYPhHjIyp3zJiIKyjoR2BtU0hqIQUrMJ2IbmUu_DTEsiaUWgnKIz-8r7las8gMC_p1i30bjC9SYhMXFSYrpVHmY4LHx7ETelDevhTu_LnrfCVSjPEsP-pbmnPCN1GyBZiRtzhsXVJe3wG9UO2JJSmKbpdrmrFufqJRHgt84Bu2WIDbfG-9Z9IA57xdwnyzZ4nP23K5e8n1mRvuIYH1epvS7Mjn_3TLp41U4dtzsU0lT77Buv3chgjl-oPOBJDze5Fp4HUMD_QcLObIWoq2GZ3U4V2mCm3B4N7c6ttyPoowgX6384-9UxQPK6uwS3w_9rgPq7qM3pUhuIbKZRIifWON_xBDx6z2RKL6--8IJVucuvr5aTvYPazJxXjiIjKIzpDl8mzA40&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDUkHpv3U6T3qje9oZF_pW4gOtTW4DtUGffUZUhavII7MBerbvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=17805734626571071000&adk=702366857&idt=131&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
5499578052516643378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 90E5 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQhjWZZVxpAnGJXtrkYaKjqxyS_HvRfeCoedxfT3XjbBhjUUgU-5OxcnYmXlO-YEklryK6GawVM8NTr4nTqqA2Vl4IkGND0lgn0KtAsZN9ODJJVcZSwUJx1BULyYlv4LtskkwqA9nwp5KpbBBX9aqgPT63m3XJ1SRLIw9isBLdh6QZOE4&dbm_d=AKAmf-Auc4YewtcY2G3oqmkby6axQrUAIQpm_wg59AyjBoOV6Tpvrt7SuM-iqR4SvzZzrAKfRBZpJ-HdJpTMzu7rrOG7DwZv7hPf-XS693O7YBb49__992XtLdLga7vE8ZGs7yPtq26ffuGquf2J-q8fzlnPr4S0tovZ9kOUYIowxEV8W9oJ3CksIxLX4hNFaXcnDK78I6XbZUeIR8HFqm-L7ZE-r-Ik4tDRaXqXuNhPTLVqBxik0dXZ1NjRWUv60M_0th9F_5dDBCKDdSBKpU1ryRmCEo2XEW-oFih2cJw6JymKKuwT0nDPJKOHrUZ2HWRv_QmSIpWvPtXGJd6OL4qjk4Ae00vY6-MONJPTZHE7cR4l8ESHqpdkjalo2A7RkwXi8cFFiltOh6JI5HShVgLeyefv1qessq8t7TozaaIGDnt96Z4lYPSGsIq0ym08SakDOQ3tH5JUO7WvbkMdDlBxL2vTj9CNeWeD4rjwSxYctLVZvNdEgLN_0jzFAW_OjGq5aOmE__ZEHTJNe9vFB36NP0-drs_tY7gHaz-jbNqR1vAAsb7S3_yM1xn_HmM0VPdoc8GMl-2zWgLRuDo-0ZLex6z1CrfAwXekRCGInpibRluzbAG-28IKm7q4ZlRfDfAwRbMcG9zbq_qMDXj5KawtOKWgn1fmTGxSC9--gvfm2hqiXx0u8QPvo_6-HAFqyA7F41Ue5hPVVhYTajitHBFqj5lGLJQmwJRyHj-Y-6On9kzLD3EXUnDiiiEQdI93kTS1oYHSmk_yoeCfA4NEvC4FOt_Am-o1fDcdq030wKzBrHgPDfDuMtNNO4ej8TdyzB8qTIPpxKF6a-Ku7h3ux6ToPiJga0GEVbbO_VP205lx4nOzMjH2jBVwiDWI0iFc36pOSKlzVxVIZ19Yeb2Hsnqmz1Ol7q4mgVbFlUwmCE-Sn3sUAuYVe2HZ1zgSS8o8W5WCNTPI8k16KWVM0GMP2GUABdGva3ldyvP0PCCO1tsgZWf6c_Rk8b652SuId_xD_bzG2GhJykbUJTY0z8ySsLbLWEfPpz3J88WTg0SIMSUngS6-jbzqXR8new4b4iHZao7VmsjAaVySMmgKArMhcN7mA1nDJtR4zEnQwHtACZeritVa6HfPeVXYYETj4tB61qaEzFNuyqyJ6TJ6Th9uSnjtd0MQjxwGIWlEkvHxeIBge32AnFv5Eh3ZzgwfIt_u4TgZSIVlm-xILxRAXROzXgYM4YC9eN0WwCDO8UPc3iTtd-eLXkZtyZ5znoZ5CS8i_sKAbeKNyA8vHewfn4_AFtvkk-j6ZBkmR3nJJowmdNV6Niv-WxgOcr5WgoYWyR7blC9MQJXVvNb-BFr-SkqcLfdqFXkQSCuOROeDC2CsKdMeNZbEURIl0gS_4wjC8qu-h7tcs08i026RVf_L978Qn6z3-wk4hgQr0Dp29rqGjGh_LCPytlNownmhUVUhj-WlZ8XxMjDisvFPvKMkLVlx0zwWKjbXL-WYg2jQF_GnCSudXmqycuZXrTdOSp5leGUF_M_BZQY9Z3HmKqx14vFae2fNIclSVvyPi0ykEYzLKTo6eXo8lZZB8yu-Lty7DORuk0pUZ_tDABFaAKHfhSTGe1G4Nljm3xLuwlAtAtz4_PJwyUSAMa4nxkkxeylT8TnGjAXr06a2nhcLGWt0vA7oJikzISY37CtjN_vjQRzHWMSKmAOk5p7wOiF-CJEnRoyvjtw4MdMeHTOhRb8TLlpFLZNmQJyZRI1YEj5_82BzmwD7O9TgZmeWO9smfP52QCJR82ul2ou7__opK7fFk3yQJT_GjD5U1crfwes_ju27_VQH96t7wye4evvcFvJ_VhaV8lazu87E7KjI73_zrECldQ8oG2AaYQFYzJdRg-0JgNkCFf0jUXXwb9HefTLc-dKl2O1mc9f2UUFoTEauIODWOqdWxNHvuGRzkSgOHZ3NCRQQUXUW-JWeUtndlPk_1JPLeCATrp1bVpOcMhsu4i_aKgY-aQPDzFoXTMze_6hlUCTuzz2GE8dikHDdLHJZHl0tAr4yXDt-49sv0WGc7i3374dl7geqPvryJILbrA70-aHDuB3pBxRSuwTIqU8pum0SAzSwLBGfxs13njuHvdP06ggHRiKn16K95OmLaWJuSFegOS7rCjA4YQqFnCXVSxn4Gxeuxtd-PzTt1U1jGFL06Gbg4cJLa4YJj_abjz4ziKiFE8Yh_areveuyOEO5IR6vgWvGtO2a7yUHIurz6TTXkiFSYf9OB53lbr-2AX3Q48nLUr-gAGnA--I-QQq5IsCKxlw0TL-WWB0BaHhXc35E3Z3r0eTSHgVETc-ey5R4Bsghvjz97U3G9KaEHbqYlZ4EbvnB-qU3T16Rfbui2rFne9m0qHxfk08KOc72u-Zm-f-f6rzbJtPTN07e9r8RgZ-3MZt5tHSBUC4BdtP2h2Z1-j2CW_ykx3HHTVom_qSnxN4G5_PL2OY2rFTT9Ob_bjptEuHssHvZ9HxHhogbpWWUgBcU-vKUFps7Dux2IjutHX2DX00Cf__LLpeQWDSOufPT5XOH2m7y_ayi_-zq9m8tldQ8v1rjUaebpwXJWW_SxACAEMCDL5w4fEtmslQTz4HKXjUf02DHZfIS9nNfkZFc0uW0gmoieXar2peEZ5ez6NKId50CRcq8AS8HB1bp3uJv39kYL1DntweocSNG8bXImF0Oam8bxDXVDUNMUMUWCtCFu9TT_Oc6eGVTj7xUYPR9ojreIYFCMC3n0CsOev4PH0NoI-T8Me2p9Zo000JoqbLe1vZGvmbGKh6xDdh4aoerkRUmA1PvMYzOCR8WvK4uZYRcg9QMqkFPdZHGnz0mNVFqWQXqhy6SRkCRT1_0ltbsQyeBnDvFAR6YBnYdS6pKhMfWLLmjtBlYB0lPedHBllUqnKxD6xDBDiEuYd_Kzr44LRsYi7GzXFz7QIPqINsbB2qFWZn5PNUkpe3nEC_mMLaSVb9q_y7Z7TeUXjxfRybJwhuW1cvbc6q0tkWdsMXTHBejoIgGJy7OTiYOihgHsG4K2pSDYPhHjIyp3zJiIKyjoR2BtU0hqIQUrMJ2IbmUu_DTEsiaUWgnKIz-8r7las8gMC_p1i30bjC9SYhMXFSYrpVHmY4LHx7ETelDevhTu_LnrfCVSjPEsP-pbmnPCN1GyBZiRtzhsXVJe3wG9UO2JJSmKbpdrmrFufqJRHgt84Bu2WIDbfG-9Z9IA57xdwnyzZ4nP23K5e8n1mRvuIYH1epvS7Mjn_3TLp41U4dtzsU0lT77Buv3chgjl-oPOBJDze5Fp4HUMD_QcLObIWoq2GZ3U4V2mCm3B4N7c6ttyPoowgX6384-9UxQPK6uwS3w_9rgPq7qM3pUhuIbKZRIifWON_xBDx6z2RKL6--8IJVucuvr5aTvYPazJxXjiIjKIzpDl8mzA40&pr=8%3A0393A9E3EFF2D21B&cid=CAQSKQBygQiDUkHpv3U6T3qje9oZF_pW4gOtTW4DtUGffUZUhavII7MBerbvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.dicio.com.br%2F&ds=l&xdt=1&iif=1&cor=17805734626571071000&adk=702366857&idt=131&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
76691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11316
x-xss-protection
0
server
cafe
etag
309758756414748794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Jun 2023 18:17:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 90E5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 17:25:31 GMT
usync.html
eus.rubiconproject.com/ Frame E34E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: nucleads.com
URL: https://nucleads.com/r/p.html?f=njertjyc&e=1992969008185
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:34 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame AD81 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/911325707060117504/ Frame 05A4 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 03:55:02 GMT
x-content-type-options
nosniff
age
214832
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 03:55:02 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame A2D6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 0627 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4CF0 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:34 GMT
index.html
s0.2mdn.net/sadbundle/911325707060117504/ Frame 431A 		319 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edd40536f9ae7dcaff774a1fddf4b78dcbda027dd4d830f0d931949aefdea7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:34 GMT
expires
Sat, 15 Jun 2024 15:35:34 GMT
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4CF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7vQc5-lsf6H-b71Xvm_zn_ycdJ6lR1KK4nvlQPxXLnvf9LZfgxc2eGu8jQo8el0tNmcEcoKlin2Y2wzasMgjXiX1IkCOuUEdMAuAtHAxqt2RhUuOmcctzCZOMVCb2O6RvWiCjPtCWxnJ0QsEKTbtiMAubiKbsbQBOQ0I0xcwV54k67E3ZdiO-V0qEz4V6DeO-nouT8IhkVR4NO_VK-LEsbANhgbr5iXYl5BsOdN38EGxWyNFxGqvvlm-JM8x6ZFiMBeahr232F9xVSVT6QiowBjBDefJQ1cN_5PLqH9_3OUTKUJgh83B6dJfLPXoFFZT3taEw_ZGQm_hthgPTSvFqI95cEUAxrWgYIcs5BO0BXW13IXAnIyGg0hyFqoEJ0HvF2JoChgNRD87f-527MBO82HlkGV8RTIru2jc1a042jT8M6lu4zbnyiKrp5x8LRa5RDVCTL9RQVtcJKn2s54LyixsuNa7TYUodWhP3ZaaR-zkwgilphgtjHR4WHqkiohcbnhEuOV6S23eUQ1evuiLXVIrRvyF9HTZDeHJ0-0ZTHUBDvsOMGj1If3dSJ-1Bgtri18Vbg2QXfuyZ1s66oUonMD1iNZMgf2P1PTeQSdT-IfZO18rAqLV0pOVa6rHL_tf4Bw9zOdWYLevLmvPlpfuatM8JhU85pZM3Hg9BGNvmEcCdxNzzQAOvOScfUaIfyE8mPWw-Q8wlhfXjLAuED930yhG2L574kfd6EhHLN8Jj4F9stxlbgbUY3VHF85H6ApWHUr9vSVeg-daVmqH7Vnl-SoQDvlcbt6H1HhrK1lmVhn1vjS97D5O2_nUyxuiRuISaTCONAA0tirbf4UK3woJMCQJz-y8pQY35RN_yhNBUoCCXEyvnp8b9PMLT7oovBqDHrHpRe2R5ibf19wngVQG9S1yTzbETiYL4Lp_BAEjly1wJqnNq7_iaxOTuOb59ugZpKcub6A9Tqr4KIeIXLmY32vyZKkXdPXJe7J4ZWpn-ACOrGTXlB7TJqS4lQOgNw2IAmIV0dAUvgkSOOB-x5CPe-yJ8P4n7E3odzR7qhEddsugCAJnO49C2ciVuplph_yHXtCfukuzzzqfFFrmCYpVjuxDP6Ovu9ROuxINaC62WiEZehzM5zU8iZPrOn_92pbcloqsnY60GGd6lkgkQEhdcjJJKafQhr825MLwQLnJN&sai=AMfl-YTnQCYjQFzeNkKsEqXtC2L6834m2PzvhF0EzOrzPwkSfI27B6RP6wpmvnrDQniHYCApdo-Zp1UGHszSNecZUGf97nVHV0m9Y0UFMF_WxYy_X8U09FBWOSng5Hgb0TCqLPMlWMKMqZ1iUn7DiUDNDtm2D8xtmqPrqtInw0jJKhRSF7XklUmSbFqRhaorTBNQ-20JRG-3vGm3&sig=Cg0ArKJSzFy227sur70-EAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=606&cbvp=1&cstd=589&cisv=r20230614.23756&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:34 GMT
usync.js
eus.rubiconproject.com/ Frame 9275 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74396
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929734485&oz_l=492&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
googleads4.g.doubleclick.net/pcs/ Frame CF11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAC5ikFux-v3QJfV1yyPHwk8OqFoLr9WeiqAey1oUOXypJryqi57BeK2pCDs3crHh9SHsSKgW2bGLKjOHhtF_oTfEMLTHyrsUZRTnC9wQYPyF8PkE7fufmfRcS5CihdkVhG_1BUAeYQWBkZctbrgShJ3VAOCJyTScMob-CDx78jOTOfpmhUcW4_uC6ccWpE1XemoWDrAUq6TImiR_FbDUxPg75dQJnfY1TNly3otwOriEBJuM6F4SgCE6kMZruXoHoXHNz9KakcmaXiHcvPh64ecO1m2-Scm2hyACo-7bxg6tNLzk6X10jYE5-lJOQ83Lx8o-71Cw9fGqBNNFLyBMHuaw8OS2WMiXyrO3VzWi8p6I_TrVu3UwnHFsjQHj_V6BLIM6duZJnZBuT7_IIPv0uS7qDtgRYka9VLVpl6ZyQASJ7qg3MOoO5Z2tUlIWZaB5gA0xdxFipWH5keV0fSyrDVq7H5TIGhr9lAhI9Ubow5xcBQn4Ur9eTSPXjMfF3hGe6KqlS--CPWsVYDjGpRz26CcvQq1m2Qc7P3F-BRxQMXpAd6I_yJw6k_Xt5A_L9Rm3a8TlrqakjriJVyQS7soBGUnbD8D0XnGGfISvVOjsnG8AKqY7isCN9SzZKxqflfY1-HOfiIQYdY6JzEcs4bve803tynEcqWwLYn_KnEHV-wWEmnJnK98OwPTCN-s7NvUOoMaanWp-Z7VePknZ85Thy3fi2GyGnNFjpEt5q6u6LVF3b_HvAbP36cRrtb-Bi0NYMGV6q6NvqX_injt2GAq6DVymw1HlZ-einm5XdlebFggDwFc3oxswAWv4hPU3kT-uRdvu1MugsK3U32zeN2Da1ZTg1uDHI_fKR3xKSJYNaYbr-whEa6OVA-hlnM22SNHcfwMEJncbdcoET4uDhfC9feSkpUHlh3LlkcK-t0R1ZVCjPWwH08dqUyR34MznwLVndVFzMmK3mgVHrbavZYEUDB3vPlbRPy688mq4s9BasAq9l4kngLjsaqbSqtbbY--pfR72YVOgZtOfNfNTk4nssVpty5pd2Fj-FhqRZQ4tCMsxxqUfESeHpZ_tgdl7CpvC7cvQJAQydsMGNxLrbE3aDTipUlJseBrV26ZknWqtD9sYGvq_XFqAiFGL4OdeJTIO1zLphN5t-FyPILRuDbmcFQvHtfvJBE_MD4RNwSpOsk98&sai=AMfl-YRkjMQ3TymGW_qQLTDB1L4iXpBldqU85ior5gjdypUaEhMz9L0m8r0H2Gpszg2U9Ua_jele8zQOrcIDPRW8vOX79Ss4HttHVvdwfLbDcJEntU0DAif3U8Yh7ksfbPX8lNyJDwQnWObDr4dFzyeJexjPcbixQAQvYlVrs6Rmsy7HcU8A0XQBtZ6Z0ROTPnn79iCR3B2BpDeN&sig=Cg0ArKJSzHbmhFqMTksREAE&uach_m=[UACH]&pr=8:81198B6BB98A1740&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1610&vt=11&dtpt=1082&dett=3&cstd=515&cisv=r20230614.57006&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:34 GMT
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/6720283131112325120/ Frame F4A4 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:20 GMT
x-content-type-options
nosniff
age
513194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 90B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjMRMDfwRETmAImcdQXOtR33aVhPnn2kVj3qQIj8ao0TuQ4crTq8cU9XqdXM3HGM3pmQCQ9d-QiyCUiu0lsc0C9x4NL7CSL4e_Nrh36Oe7aiywGtn1KX9ZX_yZ9pSGODM1rHjXcyELzuR4pTGrF_fONaRL9XX8fGo2EYUyINvekT1zMFbmrUuRD03X6pTgijbEMUySODLsua5E8DBFnRQLNV4trOtV1yu9YNtqGk4Z9VS-AnWLq-ZesJflqVw55C-L2wiUSuE5IG9JCWQrWVxW7mHYtrT_43Fgbu0L-6mfexzFwEAyBD9YFfdxysm_M-JvszhO--pw02ODhrQP8u9ZsfoN-b5Z1QO501I6OS4sQifh3-KuxSuhx6n5-N7TsUBcWfv1rdakwmyyhnU7bhLq_7OMaBB2PxUlE9HiSkI1oqHeZ9tZhmvLsgGJ4IO0a4TArV3Ni3pBgtj8C9-FWxc9jsMS4pabVIww_ryg6nURq1s--l-cgyrGPQwarVk0zRNcdSQ9AY4zG2Wi3ZHivrh4-iCmjuQTkmhQY3MkEDEPsg2c32pl-_RUF8NTihtANkbvepCpmD2Auwppvxij3r-YAd4qahwUxVcbRbV1Gx47WG4kjRE2fChzeYARKgo6OBjShUv9XJ7Cf3rniUVQB-HMwtlb95sK-fEUlxevJ1dRJsSL2MbiHYOKrWFhkl7nLz3UROEvQjtzx700gbadaHJXnjBfQeQBQWEk9OVz8jB6q00E29powqzNpq4-YzwZ59gtazZsTDltFLloXRMLS8bBSuMODPUOCUFExY9rMxNFVdK1mzVzV5jflbB2NE1vdOFUyuzcJFZVdpeuH5kJIxG4W_ApkXK5QYPZ-BKtJVxsyBJLvnA7XEeKLZegwBspX1uci5xLWjzLr8K_VHV8Ol__58lwaCi89Z381NRtBhTXL6poeFW_23nB__W1IGlz_8nefkikDLdCbVjrV_lEALOLBM81ihgBm5BtgF1VjecYsOUIeJTdwNNrS2tuDf0yXSmdsd4y6I9RTJ16mUf0FDQqPc8E4cZA6v9m6TqwhMLSBtKQ8t0MKA1Rdf_XNv3_aGBH3EdBHtClVdc7aMkeAGz4454UygKWruXgNgx_JMbqpD8f_36I3J48tz6Yt1wJWrncb5WozgvBVmVVKligDhD72mjbsTcRMShdVkg9jaxw3Go&sai=AMfl-YRjiLBed3p36al6nBUdbfrzB5mwIk3gP3HJ8Xyt4lGyQ2KUs8HajMhdjchPkGGUSdgk-Lup8UvsyX3NiuENcdq63kLz9AxdzvqPGZK0546tXlMJAPdBHMholfIuOif3TIPw8-PS_X5nl0Gv5CdIjpmS7eQl2IRrTWlLlyXzgTt5nMvZoyw2-17ol8BOPZ9YwyfY59CS2T6R&sig=Cg0ArKJSzLISv_IcwE8gEAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1595&vt=11&dtpt=1143&dett=3&cstd=441&cisv=r20230614.52154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:34 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 81DA
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625788307119378
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625788307119378
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:57:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 16 Jun 2023 15:35:34 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968625788307119378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame 38D2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2DKN634FWG3DXHV6F823
Pug
image2.pubmatic.com/AdServer/ Frame A0A5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEVTUwN0pHUU1BQUNFTTYtcEdGQQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADU507JGQMAACEM6-pGFA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADU507JGQMAACEM6-pGFA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=9195223259748919252&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADU507JGQMAACEM6-pGFA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D9195223259748919252%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=9195223259748919252&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADU507...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADU507JGQMAACEM6-pGFA&gdpr=0&gdpr_consent=
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADU507JGQMAACEM6-pGFA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:35:35 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADU507JGQMAACEM6-pGFA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9E31
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:34 GMT
Expires
Fri, 16 Jun 2023 15:35:33 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1031 59fd23a master ord ord-pixel-x8 config_version:"1969"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame C6F0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7868782405983581932&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
c82e0d74-250e-4c05-9e13-f434f2f4268f
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jun 2023 15:35:34 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7868782405983581932&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 6CAB
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ab31e695ed944bb18bfef
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ab31e695ed944bb18bfef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:34 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_ab31e695ed944bb18bfef
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
usersync
usersync.gumgum.com/ Frame CD7A 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:34 GMT
Expires
0
Pragma
no-cache
sd
us-u.openx.net/w/1.0/ Frame F28D 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame F28D 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.177.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-177-129.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:34 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame F28D 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.174.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-174-60.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 16 Jun 2023 15:35:34 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame F28D 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.109.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-109-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:34 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
6fc235a0-0c5b-11ee-b1c4-06968ba326c3
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-005c22978f493e36d
SPug
image4.pubmatic.com/AdServer/ Frame F28D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sAXpCb9E2uUFrZoz09no4mqK0Tdgz.k-~A&gdpr=0
0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sAXpCb9E2uUFrZoz09no4mqK0Tdgz.k-~A&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sAXpCb9E2uUFrZoz09no4mqK0Tdgz.k-~A&gdpr=0
date
Fri, 16 Jun 2023 15:35:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F28D 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246?gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F28D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=24d81ea041a52171&is_secure=true&networkId=17100&version=1&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMtwV-0Pnn3ANrceMNAAAAAAA&expiration=1687016134&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&...
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMtwV-0Pnn3ANrceMNAAAAAAA&expiration=1687016134&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:55:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMtwV-0Pnn3ANrceMNAAAAAAA&expiration=1687016134&nuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F28D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=05397481-14be-41e5-b894-0f13dbdb9e9d&gdpr=0&gdpr_consent=
1 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=05397481-14be-41e5-b894-0f13dbdb9e9d&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 13:56:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=05397481-14be-41e5-b894-0f13dbdb9e9d&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:34 GMT
Connection
keep-alive
X-CI-RTID
02fed74b-4f2a-45de-9cf9-4ad527f129ef
Content-Length
205
Content-Type
text/html; charset=utf-8
i.match
s.tribalfusion.com/z/ Frame 2603
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPx6eEUr6a2dwqL6_FhzibE&google_cver=1&google_push=ATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPx6eEUr6a2dwqL6_FhzibE&google_cver=1&google_push=ATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPx6eEUr6a2dwqL6_FhzibE&google_cver=1&google_push=ATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d841f9edac433f7-YUL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2583
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPx6eEUr6a2dwqL6_FhzibE&google_cver=1&google_push=ATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNauAmdmA910XEytnMyp2-V6l09suOxH5DHdOrQj3fg82Z-nlr58xtGCll20UrIyfgYFtPKdQAp44rouBGr-6mRx3XEmF8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d841f9c3e5a33f7-YUL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2603
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMpKDaFeKAFIBNUhnXUYIWg&google_cver=1&google_push=ATf1kGPP5UyKTng3r4fXPTdf9OLJs3cpMhqCz8bMoRxKAnIlhEOAEZ473x2urTOlSsvCvhpi_tndf74Y17c050ppgQi3...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=a2b663fd-5339-4be2-a1d7-6bc82ec05109&ssp=google&expires=30&user_group=5&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPP5UyKTng3r4fXPTdf9OLJs3cpMhqCz8bMoRxKAnIlhEOAEZ473x2urTOlSsvCvhpi_tndf74Y17c050ppgQi31e9fjXg&google_hm=u2tOP02aSrKwB7iZggMuEg==
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPP5UyKTng3r4fXPTdf9OLJs3cpMhqCz8bMoRxKAnIlhEOAEZ473x2urTOlSsvCvhpi_tndf74Y17c050ppgQi31e9fjXg&google_hm=u2tOP02aSrKwB7iZggMuEg==
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPP5UyKTng3r4fXPTdf9OLJs3cpMhqCz8bMoRxKAnIlhEOAEZ473x2urTOlSsvCvhpi_tndf74Y17c050ppgQi31e9fjXg&google_hm=u2tOP02aSrKwB7iZggMuEg==
Date
Fri, 16 Jun 2023 15:35:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame 2603 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEFLiVTIiNeEP-nP100NLn58&google_cver=1&google_push=ATf1kGNwe6fzD4P41TCWVrwYgYgR1wnd5ROW8xUS7OZm3ZUsNixmvZwpdZvJfMvfSOfzc9x7tuhqym9go3907xxnZGiXpIXP4g
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 2603
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEGysicJAOAZOMO572grBwrA&google_cver=1&google_push=ATf1kGPTvCfc6g6-ok8FRsyokdimaVqvn2IEVfl5F8qLHSJgT1RL8EqLxEwEIM0Fgpo5ljyVxPFv1nFOXpIme0_...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=ATf1kGPTvCfc6g6-ok8FRsyokdimaVqvn2IEVfl5F8qLHSJgT1RL8EqLxEwEIM0Fgpo5ljyVxPFv1nFOXpIme0...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=ATf1kGPTvCfc6g6-ok8FRsyokdimaVqvn2IEVfl5F8qLHSJgT1RL8EqLxEwEIM0Fgpo5ljyVxPFv1nFOXpIme0_dFyKRZG6mNw
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=QmPwlEyTXoVQwRwNm3kqx5U4mbg&google_push=ATf1kGPTvCfc6g6-ok8FRsyokdimaVqvn2IEVfl5F8qLHSJgT1RL8EqLxEwEIM0Fgpo5ljyVxPFv1nFOXpIme0_dFyKRZG6mNw
Date
Fri, 16 Jun 2023 15:35:34 GMT
Connection
keep-alive
Content-Length
240
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 2603
Redirect Chain
  • https://dsum-sec.casalemedia.com/cma?google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1&google_push=ATf1kGMnKkD3zRMLX65LGvKqDjkAVMJHgK7t33ceAg5Xukr3UUrtxBnhTquf63CIztuekNNiv2zm_gzUUZJ6RvZafDaTWIr...
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625788307119378
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625788307119378
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625788307119378
Date
Fri, 16 Jun 2023 15:35:35 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2603
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGPQIThftU11_N7XQEO03N0TXG1rnesMcSSomzJv-7M_BvO9wEQ0c5wuJ0n4x8-W0Z0bMkI90JJY4Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGPQIThftU11_N7XQEO03N0TXG1rnesMcSSomzJv-7M_BvO9wEQ0c5wuJ0n4x8-W0Z0bMkI90JJY4YGomU2Q_UsDPROWxg&google_hm=c8bca416-9819-4d74-acf4...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGPQIThftU11_N7XQEO03N0TXG1rnesMcSSomzJv-7M_BvO9wEQ0c5wuJ0n4x8-W0Z0bMkI90JJY4YGomU2Q_UsDPROWxg&google_hm=c8bca416-9819-4d74-acf4-00ac86ff7171
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:34 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-162
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGPQIThftU11_N7XQEO03N0TXG1rnesMcSSomzJv-7M_BvO9wEQ0c5wuJ0n4x8-W0Z0bMkI90JJY4YGomU2Q_UsDPROWxg&google_hm=c8bca416-9819-4d74-acf4-00ac86ff7171
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 2603
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEObAhojIuxwhI3xRTxGVj0c?ext-param=ATf1kGPBKleA0cndLhaclmRvbjdQ_VrHNunMWpYWncSYJA75vdouNotpOQR0oZZAJuDcES0wZRROOv4U5MxbenVC3YMmsVWNgj2Q&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEObAhojIuxwhI3xRTxGVj0c?redir-setuniq=1&ext-param=ATf1kGPBKleA0cndLhaclmRvbjdQ_VrHNunMWpYWncSYJA75vdouNotpOQR0oZZAJuDcES0wZRROOv4U5MxbenVC3YMmsVWNgj2Q&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEObAhojIuxwhI3xRTxGVj0c&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 31 May 2024 15:35:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2603 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1UPDUr7viB_sjTMKbXadzbyuqlEG3SWZ2T0uH3vJbeoE4RV_IWE4FrWKy1j3wJokTJAL9Tw
Requested by
Host: beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
URL: https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame E34E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74396
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1B88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ4QKZtaKIUWQgpV1Q1yYbD2rbY-IaTrSo5DCHIZUp-8PKx2Slajx0-rV58GDV8Fq0OrZxiheXUypthh-kxJjnVlG5PejAykckasCRrgQ9QGXNnLST662KO_dGIoLAz19YKPwBwMIxo7ZZ6gX0gLnaDwBu-57cgrxobCQ7sBu3gVi5Hh8yEfhwPUA1Lv0QsXHGZuW6C9tq6bMOAT7OqumU7ksA3Rw-y2FhDQmVe53JADtjGEHvOw1QpRa37bnxZ60zfMQC3EiLisTAhuIewFuk6yWlwxDQijYROygngRY15B5w_M4vQNRZcMI2Uzzk2xRpHeXojBDFQhSE_hs1qPmvmyYUIyeuEG1SRwvLpdZan6aTCj_LNp4De4N9UAufS0iTK3jOnPeJLSLNXddkNb8FYBFpuo-vOChoZcIlf0zFak4oQcAi2G0kC_WCvkCmqWSVNnpYQ6hNphNfNDYMqBUCGgHnMlfHqeMpUDAXaaJb0tsc-ZcPPmglpj7YupRpR58TurMKFw9NwmG_OdFW6uVJWSRktgesJCNc_wFEPTmk91MvPEmMZEadU6XqAsqTZ3DsduUAP0lkNXkE6zahcvNY4-vtjVSzu2OHJHyDkiGJVjlWw92WjP1Hg5gdHDye-awOzy8lzosxellr69xKXJkz5RnoBPerRdKTFwTA6I6-2nsGQ6NIrXSrBHChmVqKrTkBY3Fo1EZT-qM9gA-1tb3MKcZeO7bUZ-_ngJP9JmXkY2R_Bvc_pJVcLpluG-KZZ8UnhAFaSkT3OxncaJTOlF30fRlKc7FIzK4OIy9pi-kSFrl0wg7dGS6DoDPnJ-DpJewQ4OQsihEEAG3lfd0ju008ShUL-QoQb8fRwlRyAXgdSJHDNgh1pL6ioW4pN9UDcz0-1CfrTbZV-sNVHq_yl-tTpPp9AzxcD1nyFqDYnXOyZUI5bquTGo0JMcAIJOaG6kRpAk2kwv0d05OmgsRHLvCnIpZRPZbQFV7_bcFJu20liknnCqg1r2bORaceEkpfz3GUG6u_nYKP1w2598-RM4J02Npz0_UAiFparWnpV5eLNX1ZwRJHwGjtHnGXrn8bgbrNcppgK-tO4Vq45_31qdAFZ9_IDmYHNfiuzOMbB1g6UaglFLoGhlsGuvFjJP2tpG-ptR4bxDSs5LVE5x9G9jvcllxCQ6-bzGH9xuboBMa4&sai=AMfl-YTt_2wxWvIqcAed8iglX_Ba0NXDLaQR3CN4DEwne_OxRNGPKUy3nK7gMQCUvcfeepJJDWj5xBMmsig75mwft2oXLm-jHKz2Uxr7N8qZLKhkr9tF2cshfAk-Fl1WDhZS4OY6l2SCgPdsDMWcokHy734nhoSE7agNab4F3680L6yjMv8mhnPKTmhWOi1fuhvj15mauvU5ZsLu&sig=Cg0ArKJSzN_wGkbJpzHJEAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1780&vt=11&dtpt=1435&dett=3&cstd=329&cisv=r20230614.72042&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:34 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 360E 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 862C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6a-3x0rzLDLwBdyq4Yq0AmNxY4aMD3SZG57C0qBJnyMBFd0hUqWqqkV4fTFwAjPnZoTlZ4Sg323xbch8Nnnx72TAWI-AJQBy_tjZKrxwfjlfrJcs_l7ZYTqYYLrSEUHQnA0t5vdADaNMJo69lNKIfZczzTrM2Q7cpGjj_S9p0Ae5AbjRMQCB8m-C3W4s-0oWjmFSLEaYn2MDWSbFto8J2sSOYSYR3KoHXF9VL7gc_rHrJ5rQaXbbTXlFs4tQUhqREZ1xjRwx9iJGT3KKFe35ClKBBOpE0LWf8ahrL79qre552UaNzWB6fl5qRJHutrMxXwsRLCDu65ywEQLY01U4AVE00KN8doXHgDZPhYhMkJB_pAJ13tDIEoWPcvRitZh7O7nepPnW6JEFm1Ex5rdjg2DhG8ncfBRE27MF09r-OPOGhk9uFwWkngek3wMqJXhJVH2vM4dOOinS1v7-ySqomjfMc_BOQXUJZtL9zX1haYsPoiGI3KdumJWqH04ydVe81bCS3-OHLBakcx093bLsA_K2ptNQE_BXR2FyFhvkSg7Elw-bnAYtyFh50ghKiI7YZldz-tz2lzc1xfvCepDRjQIDvIJsPTrSyljASj7Tg8ehX809Oullxr61HDmEJyBBuGj2f8xzsCohewIfjjqmhaid0pNc42UulZTEczVN40lSyVffQ7WDR1_t3Iqg1rtSSsGyWU-YML46DWiY7vab-XZwZx25NCfaugxtgFLJdHT2-_tDPFgATRp2W948vyZLDMor-FdkBwgTRCeSrB2frsriU2VlDCcAMTCgUKzInv2DChGa7oLtX5--TGcoOQyEm4_lPyKnGZ17nA4s_R-_TccUlDyFWR-gZv2zehD9uaej60hFLvhlz116yZG4lHLYdWsCeAjslDvFICWBRfA4EDiw620guCNMbWNxBwTSKbEp9ZVcgRprmzogINcYalXdlJ7NE5Stwez_ELBPz7gNHCjltQTSq3dTSmN3YIr19Cnkozj3LN5xeGZU4jsEkwUMChUFK74aZSxffqyMteTHqvgJvtlRId-9OkhgLORJe7y6eUAx-KvpTbd6ARA09llSpAP4r6AIhb7ChFcQMhmFujJhaEhcHVbZgZmQmra6C9M2yh6KJO9A-Zd8_KC37xehbRWtxmWWans9tBqPzZUuJmw3E8_UrHz2RUqAbm1SReyU&sai=AMfl-YT6HJ7voPWZvt6wDgYhoa-Z5aKedu1QwXwERJoZmTOyJrqpmwG9HKdnaciddiL9rrqAUk1TS2GXsuZKz90vQaYY34mTygS5sH1flYXLUuLRjYZoENuSj99nOIMyaopv2GUpDza-gB1-ygRmZFntIqmDhglQEhFHqbQT8MRdCtVSERYZplVWi4pEQgh-ApfkWiT_ZmxcUnhW&sig=Cg0ArKJSzPI66ejNfLN5EAE&uach_m=[UACH]&pr=8:81198B6BB98A1740&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1802&vt=11&dtpt=1218&dett=3&cstd=569&cisv=r20230614.15335&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 644E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=1210&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A0%3A673&aa=1&ad=1023&cn=1023&gn=1&gk=1023&gl=1023&ik=1023&ic=1023&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=717&cd=717&ah=717&am=717&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=1&tc=0&fs=203695&na=408065554&cs=0
Requested by
Host: 6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
URL: https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A916 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A2C4 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a30b8acebe49106fdfe4013dabac8a2a34ebabc28c3e63766c2b35aaf71ba275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5831
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame A2C4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33844
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 431A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A79C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d4dce10c868542ad8fd6da23b9343690bb5f8cba64e4fbc57c8f3495dafd3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5738
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame A79C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8779 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:35 GMT
index.html
s0.2mdn.net/sadbundle/6720283131112325120/ Frame 7349 		321 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6381b4ff1dfd889a928888c5f06acd19079c432a9eac74763cd84afbdd7ff1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 15 Jun 2024 15:35:35 GMT
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8779 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdoW3IceR89iVCmR4yYUhIeBF5L1Z2N53R0C4drEFZsKm8GuwHgn8jbrqo7TZm7KGid7-y7_ACVyxjSRz4yJN8FtnE0nWs0o6QZo3O9dT05i9nUYuQdzeMfbgXXdQNlojgfwq5fxW7-hMKqzLMItSd7dhtqIp73vpRv1p6B6dWyr3Vcv6HuBS7qXRnfBRuJ3_0-wCWHl6muUI9pMY1IDyN2UukgFxOUb3Bg8_6P_WINwt_UlQ0N8mh3LCh-HtslgAnuh688G99THWE-unI1H9SxbHGjQUrbMrQSkXpEbfejG-bK0TosZecen22Cbdl-KpGtE3LBszheys5ah2-mxTTLDlL7aX26u6gPvARxaR6NpDzdigc0sIV6eHMqy1p3E58E4v5rJzo-WgC2E8KjSJ2FQ_yABWyDhDiw3WIHwqr_l86wPag11LYTjG8lvmPiB2JkXw4t0OatEZNyjgU5Z7cHxiVhBXoUIJsXa3xwaTTHpHvUgpyLwNHE8Fpn2FiIOToAWCTMvP6LY4Byn0KLuIFu3YWFA-SSQE_-ioPHjfVraIDy_uNBdB-Lf521ezw-a-q_lYqhZ21QLOheALzmzIjZ90rRV4wMhOoKIlhzRhYzAg3WMWAWTvKlE0gROEUTc79i2vP2p9G4b5Uk9qVXI1ES5bmru16jeaic2bb6tMgMU2uUc-nGBnV10ASwzBQlIL2WWPol4438k-XIyh_koGvrbz9Ou5OWPcDEjFwSU8vVVOKFpTMBs5i4YOCzZAxulBKHqQzG9xK82pjbFMcIqg62hQm6jxk8fg3vRqf0BVlu8fd9gBfuaVIm49XR2H2ORyNhT874en9LYukqDOdN1_G8hhWNpk5XeLYj7NrfoLJHKzLRhuDRLgqscOdm4Hgj1rqQ6TOtWB_s52C4JuA-UmoQf-vfqOS6OBsqHza3WtAU9kYqxVpf7XMZlQYhWsH4Mdgui8JKR75TAyLlSQNE22hy2x_-yKAiwAuJQyG7FeBAQhKL5j223B4OR8FlYmL9ne0Pz5Y68ATtZHS7wFR9Db1SF4ezOebLCDJJ_ScPydN2kQhxWAQvxo1tGNqu27Yz5lTiuevam16C_wqeIBFXFfpOFgBEBmcLK2uvlCy95pbpb7n-pzvnatQ4uGQfHi_TpIvVKEz85zCtN09omBba_SpxV1ytD-oyd-0krDB13gEdCo&sai=AMfl-YRMfSn8DrZD3wnTHpH6_otqRyLVYnLPl7-I-l40twVBNuYmfouUPo0v5F7Jz_MEI2gbp4UslMm5H_Cx6XxSi4Ww6XQppuPhp7BRYeDeigxDtkGftG3otslSmjmH55fB-tvolb3ak4ld9QBDajH1ML9NJttr7XfHqqZXpYyZEBQS665xUaL9k192ZnHmJQN5_UeufHfcrzL3&sig=Cg0ArKJSzCUsX9auwWVHEAE&uach_m=[UACH]&pr=8:81198B6BB98A1740&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=632&cbvp=1&cstd=619&cisv=r20230614.59357&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 05A4 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b75c96e84836153d473c7f7289b222a5114fa5d8745a87c174109de74c70c98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5597
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 05A4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 90E5 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:35 GMT
index.html
s0.2mdn.net/sadbundle/911325707060117504/ Frame 3F44 		319 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edd40536f9ae7dcaff774a1fddf4b78dcbda027dd4d830f0d931949aefdea7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 15 Jun 2024 15:35:35 GMT
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 90E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkVF2pFrbOChz_oNUtuMpZxQ8CWc0oX9_Vo74zbS2beQkQQ3vfwAAUwR2u_ygRmPn3jc__wptAWbcnZ0LDzxeb0TUdnmdBuLYWdaTchL4LEm1ym5jjF065dVPnOgApho6S_98C5K_t-C3_HbLKpmToSKlc99kdg-HqyvWzatcvX8oPYzllWA9FGi7dQA7AwJwD82RX1c3oL7nZMAl5jjR06MX4zF7r7SBeVahGytLFt3S-4RXo-eYEQrz4Xy-ZbHGOJfkcew2SnuxTcypcqLHaak306WPkWKU5-QYAtMvjHXvykZgY8eUBS9HyHulu9tXsA0MfG92YSkKVPxIQw4QNqAbQb1aKNj-Bo-HiHUWednECjAeP7CqlI-8o4uQEGimzRA6BuAU3hpzfkmzFEzOdUdT3vOG7hPKcYcmFgS4dj0nFV_36ZFVNjdm5spPVjbxDTwG8Q1puaRbHuwxXBw1PTBH8YQ7nfoRrKwbeNmEBLoHWB24sNOjUmHfy6jjylpbMtA047qNayd8-YaLzEu8mpcq_yoyosb0P6k8Tl3tT7eohjaDeGP-571vxLIlJEnU5EdMnbirsdWZgzK-3CypkYuD9h4Jqw1oipZP_Lal1YWBmRoSbbqosu4LJeRHydd1xGOC69T3XE6XUFqAoa7Ox8NdigXYQ6h2q39ZbRj-Hw7NQa0rjzyDwhz7Mdhb90x5nrgKtjq0doZoL9BMNfkXZl-IVooTej6QaG6lE4a_DQ4JIL9LBfAmhRwIFgCp5kjkFeutzKyeQlmKZxIN4b4H9He0a5ynuWLG3IkAsgYy2WB8L-scAwzEoqodaqmAGWD4j9tf6PKCcZ4pLbBKF3cATP3CQWVtH4u9w9PKv_mCFMqoOUWVT8wBlGltkmw9XLyCUVcL7oawBJ08lFAnOCnhFdGvLIsEOkgxOR1dOpacJZmgRJllxbI9kvYqC_MLiGvv5bNLomZ7GQILJPEIv_JdomJlsZuXpoiO2_FR3Npby5tgzDLt-XApQ_n-IGtLg3IoTGttBB0MXoodApxIh9rIsV8neBITYq6Q0-xNUvJy1H63h-F3MwVJkFIOgfY15yG9hh1YGD-yK2H7u5-NDAtewL43dbDx2aGM5ZO3wdIASveIXmUoFrVuuZRI4TJJ8ZV7zPYKj3abUTHW-OWYOxc0EH4KbD5mhTJgDqibx4Top&sai=AMfl-YSI-1_YH37UmrhfdQO90YGT048G75qyxje6m5tUwa1vfj5bqQFG68WdukpkSgzK5BbLW2nYjkXXfkta-5Qs8_EmlSu6ENmD6LzUZgTBbpZxtywpz3ZRwv0qdeEqt2HsvkmKNokx4yuxKsYdNz6z6nQU5QUE2-g3z3JPUYbRGck9RIX2ZI6n-X3xaapQ0c5SbI8APx3x81SG&sig=Cg0ArKJSzLNOSH5fN76lEAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=602&cbvp=1&cstd=587&cisv=r20230614.48232&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F4A4 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d2cdf650f68cefc474f84322d1bd57fe74c2e75828824419e0667b8bc33bfe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5597
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame F4A4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A2C4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A79C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:35 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7349 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 05A4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:35 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3F44 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 00:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 00:54:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1B88 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMDl6f0GrZxSrZC6sXw57nbS6iPoHArxfP0WNugt8DZ5Kcle_HtbOlGLWC7VgJrD1DBMqkAclfM5GaXEBQaLggJYmcfEjy2yU&sig=Cg0ArKJSzFaDu6Ln_t26EAE&id=lidar2&mcvt=1242&p=0,0,250,300&mtos=1242,1242,1242,1242,1242&tos=1242,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731505&rpt=2597&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F4A4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:35 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B51D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
eb2.3lift.com/ Frame 5724 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=17072
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/a75d1a7b6451fb8e97d45b1d972e95d4366c1591/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
aa2c8d2ca8017718fdae6d5692cbb4b4c3ce4299aec9ee65a6b4ad87440d8337

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:35 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 90B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1X29YPoUFWQjK4k1vimG9SC4qVJhrVEKb12zljAfMQ9ctZUrkpWaFrfpUvQEJheYY2XHdbZmSfkgy2ozIpRqIy5dhNAs8-Mk&sig=Cg0ArKJSzNMSXOXyCfqbEAE&id=lidar2&mcvt=1256&p=0,0,250,300&mtos=1256,1256,1256,1256,1256&tos=1256,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731682&rpt=2523&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2F7D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
37558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 05:09:37 GMT
expires
Sat, 15 Jun 2024 05:09:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ixmatch.html
js-sec.indexww.com/um/ Frame 7B5D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1170
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841f9f8c0454c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Fri, 16 Jun 2023 19:35:35 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 860D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ce.lijit.com/ Frame A180
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
c9b96b074dbfdafd1e9bd9d18979766fc8b54fc4326ea241a741173439b90534

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
855
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 369D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59871
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame BEF7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=LMkl-iLMKa43xCSqe8gwrHzJLv83yy_9KsVMTh0e
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=LMkl-iLMKa43xCSqe8gwrHzJLv83yy_9KsVMTh0e
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=LMkl-iLMKa43xCSqe8gwrHzJLv83yy_9KsVMTh0e
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
genericusersync.ashx
sync.tidaltv.com/ Frame BEF7 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1c96:4102:4bd7:5264:40b8:b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame BEF7
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:35 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
/
rtb-csync.smartadserver.com/redir/ Frame BEF7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x12 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:34 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BEF7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-rm9dk
expires
-1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1B34 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59871
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0D68 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7AC9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1170
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841f9f8c0654c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Fri, 16 Jun 2023 19:35:35 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 6FF2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
f78a2a3c23694812e89d4e0f3727f29209da941e9bdfddc3d49d6f95f4b76801

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:16 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5
/
rtb-csync.smartadserver.com/redir/ Frame 360E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-rm9dk
expires
-1
genericusersync.ashx
sync.tidaltv.com/ Frame 360E 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1c96:4102:4bd7:5264:40b8:b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 360E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=qyXtq6Ug4f-wKOz7pHT4-q515fGwcrH9pCNehaei
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=qyXtq6Ug4f-wKOz7pHT4-q515fGwcrH9pCNehaei
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=qyXtq6Ug4f-wKOz7pHT4-q515fGwcrH9pCNehaei
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 360E
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&gdpr=0&gdpr_consent=&google_cver=1
43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEElYJkycfc_dJwkomjDOcgw&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 360E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-4GbnhytE2pk_hq_bsixJ8YAoYPlNet.e713mhg--~A&expires=5&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 360E 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:35 GMT
beacon
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
46464765fb2207c2beb3c2ac559f443f157be9c3698a4f0aa5d9016b9e98d3c4

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
883
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC5E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59871
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E022 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1170
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841f9f8c0554c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Fri, 16 Jun 2023 19:35:35 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F966 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
wt.rqtrk.eu/ Frame 2E16
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=9195223259748919252&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=9195223259748919252&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
15.235.42.103 Victoria, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-002.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Fri, 16 Jun 2023 15:35:34 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=9195223259748919252&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:34 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 2E16
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
date
Fri, 16 Jun 2023 15:35:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
rtb-csync.smartadserver.com/redir/ Frame 2E16
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8d8169f6-bb36-49c3-ac62-7a4fc916d6f7&gdpr_consent=null&gdpr=0
43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8d8169f6-bb36-49c3-ac62-7a4fc916d6f7&gdpr_consent=null&gdpr=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8d8169f6-bb36-49c3-ac62-7a4fc916d6f7&gdpr_consent=null&gdpr=0
date
Fri, 16 Jun 2023 15:35:35 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2E16
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
43 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1018340
content-length
0
expires
Fri, 16 Jun 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2E16
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==&gdpr=0&gdpr_consent=
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=OTE5NTIyMzI1OTc0ODkxOTI1Mg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
activeview
pagead2.googlesyndication.com/pcs/ Frame CF11 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBS03AfxOGNE9tGHNounutGr0GJVOBgza62ZsGNj1XYUzOkr8w5JpFMTinNycjkvMtqluRg_Dt09wymHOorPuwY3Cx6AaO5sc&sig=Cg0ArKJSzFnSmoKgeIfsEAE&id=lidar2&mcvt=1247&p=0,0,250,300&mtos=1247,1247,1247,1247,1247&tos=1247,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731550&rpt=2748&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame F49A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1170
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841f9fbc3e54c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Fri, 16 Jun 2023 19:35:35 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BBB4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59871
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ce.lijit.com/ Frame E022
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
a69c62ef09182735a3640a66f629943860f8fcd8944f2616f1b697e493f31ee8

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
853
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
usync.html
eus.rubiconproject.com/ Frame A348 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 8904
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=BPKtEgr3oUYf__AVAPG4EADwrUYf86VHVPYeVXvB
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=BPKtEgr3oUYf__AVAPG4EADwrUYf86VHVPYeVXvB
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=BPKtEgr3oUYf__AVAPG4EADwrUYf86VHVPYeVXvB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8904
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
43 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1215940
content-length
0
expires
Fri, 16 Jun 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8904
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 16 Jun 2023 15:35:35 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
7ogVPliVybm0tD1Zu-cZtdQ_SOo6Z3nSMvaqu6bn6lzhh-N0BEkk4g==
/
rtb-csync.smartadserver.com/redir/ Frame 8904
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 8904 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
beacon
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
4e9d527a99456d0307a68a8244193f3ce0ed881177b67543a448e3ab04bf104f

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
854
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:35 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
ixmatch.html
js-sec.indexww.com/um/ Frame CCED 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1170
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841fa01cac54c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Fri, 16 Jun 2023 19:35:35 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7559 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:35 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F43 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59871
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:35 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame E455
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gdpr_consent=null&gdpr=0
43 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gdpr_consent=null&gdpr=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gdpr_consent=null&gdpr=0
date
Fri, 16 Jun 2023 15:35:35 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E455
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 16 Jun 2023 15:35:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b653c218-b770-478f-85c1-3c3b7d5fcd41
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame E455 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
genericusersync.ashx
sync.tidaltv.com/ Frame E455 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1c96:4102:4bd7:5264:40b8:b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame E455
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
69b2b23f-9861-4032-a8df-88e3d31896a4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 862C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfP1eX7iPk61DxN4ro4bj7NWVmbpKVAb7GDUg5ZP85k40jff0cuTqjzn5IqybaGr8mtGHU9fBHa5ApHtmWQD_NevpEZL3X15s&sig=Cg0ArKJSzMqITxX_lw0KEAE&id=lidar2&mcvt=1262&p=0,0,250,300&mtos=1262,1262,1262,1262,1262&tos=1262,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731640&rpt=2729&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKxNITY6WpPgijPyobfBm5w&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5724
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NDQyMDI5Njk4NzYwNjYxNTE1OA%3D%3D
date
Fri, 16 Jun 2023 15:35:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 5724
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4184420296987606615158&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4184420296987606615158&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4184420296987606615158&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6604978BF4A44800B0103C498A354079 Ref B: YMQ01EDGE0817 Ref C: 2023-06-16T15:35:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+QO+2W1FZrF42NPTYGg==

Redirect headers

date
Fri, 16 Jun 2023 15:35:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B6265D5081574DB3B71387BDC7F9B488 Ref B: YMQ01EDGE0817 Ref C: 2023-06-16T15:35:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/setuid?partner=tripleliftdbredirect&tlUid=4184420296987606615158&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAX+QO+srnCGkbdxf+VQyA==
xuid
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4184420296987606615158&gdpr=0&gdpr_consent=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=72c3717f-b617-4d42-b055-11bad514223e&ssp=triplelift&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 5724 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4184420296987606615158&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
last-modified
Tue, 06 Jun 2023 17:34:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 426DCC061371447AA2A7A6C767951117 Ref B: YMQ01EDGE0620 Ref C: 2023-06-16T15:35:35Z
etag
"4729cb259d98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4184420296987606615158?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-sK6T0ARE2oSq1UF0rW40BZSjX4lAVGfgEYceeGT1Gg--~A&dongle=0883
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sK6T0ARE2oSq1UF0rW40BZSjX4lAVGfgEYceeGT1Gg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 16 Jun 2023 15:35:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sK6T0ARE2oSq1UF0rW40BZSjX4lAVGfgEYceeGT1Gg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JZWEKZKIKJGWE...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=NlEeHRMbmPui4ApJw2rW
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=NlEeHRMbmPui4ApJw2rW
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=NlEeHRMbmPui4ApJw2rW
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 5724
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7868782405983581932&dongle=4d58&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7868782405983581932&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=17072
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
13631fb4-63ce-45de-aa13-192f2dbf4889
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7868782405983581932&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 860D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74395
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929735555&oz_l=437&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
usync.js
eus.rubiconproject.com/ Frame 0D68 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74395
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/911325707060117504/ Frame 431A 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 03:55:02 GMT
x-content-type-options
nosniff
age
214833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 03:55:02 GMT
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame A180 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=xmgD85dk6uV58ASisqHT0
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
0279afcdbe6a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d1c2845b-f0e0-4ebe-8fc9-d0aa233117da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=4642337543
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
ETag
RX260b4f2fb7994697b49ae40376b4d98e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Content-Type
text/html
Connection
keep-alive
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT, Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame A180 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame A180
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame F966 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74395
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CF11 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=247986973701&version=m202301230201&ct=76&x=8&cor=11643965540367774000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1E0
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Date
Fri, 16 Jun 2023 15:35:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT, Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=QmPwlEyTXoVQwRwNm3kqx5U4mbg&user_group=1&ssp=fmx&gdpr=0
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=G03niPZH5lRXKpa0QfmyLxxR&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=791276946469
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=791276946469
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=791276946469
Content-Length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Content-length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D188149...
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame A1E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
sync.targeting.unrulymedia.com/csync/ Frame A1E0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=2635390217
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame A1E0
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
587c5b4d829b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame A1E0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
07cd4345-8ba4-4bb5-ac3e-bac0e8706f59
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A348 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74395
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90B6 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7458106960889&version=m202301230201&ct=76&x=8&cor=4054183949209867000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 644E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
usync.js
eus.rubiconproject.com/ Frame 7559 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74395
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame A916 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
sync.targeting.unrulymedia.com/csync/ Frame E022
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1686929736042
  • https://ad.turn.com/r/cs?pid=45&rndcb=216428980
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
pixel
cm.g.doubleclick.net/ Frame E022
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a324a72e-c34e-49db-9ddc-da22f6e3c7e2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
0279afcdbe6a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Content-length
0
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e2cac44d-48c6-4b3a-8fe4-05392569dd6b&user_group=1&ssp=fmx&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame E022 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E022
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame E022
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT, Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT, Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
sync.targeting.unrulymedia.com/csync/ Frame E57D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1686929736044
  • https://ad.turn.com/r/cs?pid=45&rndcb=4212775027
  • https://sync.1rx.io/usersync/turn/2359921639606788299?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame E57D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:35 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
db80e4cb88f8
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AADU507JGQMAACEM6-pGFA&gdpr=0
Date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
55cc8e92-81e8-4e80-8710-2f629c9de814
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Content-length
0
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=fmx
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7257672098865546847&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E57D
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E57D
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame E57D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B88 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7369673561315&version=m202301230201&ct=76&x=8&cor=2944646475514724000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame BFDE 		849 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c122fb8d2cf202f05a37885375583fb95dd1dfecbef7c332196233e6ea963fb4

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
493
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FEC5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 21BF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 93A0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b0997a97d552cf9437d52c8306de953ee7962184590d0d2a1b560a0e3fd463d2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1763
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 5F0D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
095c1db60d1ded71b9307aa95ea5b01d8ffedccd13fdbcb0c31a4b552371058f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1328
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 862C 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6314093163481&version=m202301230201&ct=76&x=8&cor=8690343587064380000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 337E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
39897aa04fc8f0aed0964009a769f4d9f0de82f86a6652ab45644c2b547b5ee4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1538
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B298 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9DE4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 9944 		680 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8f575b1915c09d18ff9db4032330d1888d837fc726a6772f49fbb1c299fc6c1d

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
424
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame 5FE0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
14e782f0b1ad79a7fb54cf321ce855960d9f6fa3524bfd72043fc8e8275d18e0

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1624
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/6720283131112325120/ Frame 7349 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:20 GMT
x-content-type-options
nosniff
age
513196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:20 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2DA7 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6392c8cfabd17b62df150bc1dcb264133cc5eb693d7c56743508933e5b943ad8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1780
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 52A6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 3A47 		583 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
054513afce19627673d8ae569dbc8ec42e2f9b6b58c6c01c5b88ecbc28f36f54

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
377
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Muli-ExtraBold.woff2
s0.2mdn.net/sadbundle/911325707060117504/ Frame 3F44 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/Muli-ExtraBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 03:55:02 GMT
x-content-type-options
nosniff
age
214834
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35176
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 03:55:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 95BA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7835 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame F0E5 		583 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
054513afce19627673d8ae569dbc8ec42e2f9b6b58c6c01c5b88ecbc28f36f54

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
377
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
googleads4.g.doubleclick.net/pcs/ Frame 4CF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7vQc5-lsf6H-b71Xvm_zn_ycdJ6lR1KK4nvlQPxXLnvf9LZfgxc2eGu8jQo8el0tNmcEcoKlin2Y2wzasMgjXiX1IkCOuUEdMAuAtHAxqt2RhUuOmcctzCZOMVCb2O6RvWiCjPtCWxnJ0QsEKTbtiMAubiKbsbQBOQ0I0xcwV54k67E3ZdiO-V0qEz4V6DeO-nouT8IhkVR4NO_VK-LEsbANhgbr5iXYl5BsOdN38EGxWyNFxGqvvlm-JM8x6ZFiMBeahr232F9xVSVT6QiowBjBDefJQ1cN_5PLqH9_3OUTKUJgh83B6dJfLPXoFFZT3taEw_ZGQm_hthgPTSvFqI95cEUAxrWgYIcs5BO0BXW13IXAnIyGg0hyFqoEJ0HvF2JoChgNRD87f-527MBO82HlkGV8RTIru2jc1a042jT8M6lu4zbnyiKrp5x8LRa5RDVCTL9RQVtcJKn2s54LyixsuNa7TYUodWhP3ZaaR-zkwgilphgtjHR4WHqkiohcbnhEuOV6S23eUQ1evuiLXVIrRvyF9HTZDeHJ0-0ZTHUBDvsOMGj1If3dSJ-1Bgtri18Vbg2QXfuyZ1s66oUonMD1iNZMgf2P1PTeQSdT-IfZO18rAqLV0pOVa6rHL_tf4Bw9zOdWYLevLmvPlpfuatM8JhU85pZM3Hg9BGNvmEcCdxNzzQAOvOScfUaIfyE8mPWw-Q8wlhfXjLAuED930yhG2L574kfd6EhHLN8Jj4F9stxlbgbUY3VHF85H6ApWHUr9vSVeg-daVmqH7Vnl-SoQDvlcbt6H1HhrK1lmVhn1vjS97D5O2_nUyxuiRuISaTCONAA0tirbf4UK3woJMCQJz-y8pQY35RN_yhNBUoCCXEyvnp8b9PMLT7oovBqDHrHpRe2R5ibf19wngVQG9S1yTzbETiYL4Lp_BAEjly1wJqnNq7_iaxOTuOb59ugZpKcub6A9Tqr4KIeIXLmY32vyZKkXdPXJe7J4ZWpn-ACOrGTXlB7TJqS4lQOgNw2IAmIV0dAUvgkSOOB-x5CPe-yJ8P4n7E3odzR7qhEddsugCAJnO49C2ciVuplph_yHXtCfukuzzzqfFFrmCYpVjuxDP6Ovu9ROuxINaC62WiEZehzM5zU8iZPrOn_92pbcloqsnY60GGd6lkgkQEhdcjJJKafQhr825MLwQLnJN&sai=AMfl-YTnQCYjQFzeNkKsEqXtC2L6834m2PzvhF0EzOrzPwkSfI27B6RP6wpmvnrDQniHYCApdo-Zp1UGHszSNecZUGf97nVHV0m9Y0UFMF_WxYy_X8U09FBWOSng5Hgb0TCqLPMlWMKMqZ1iUn7DiUDNDtm2D8xtmqPrqtInw0jJKhRSF7XklUmSbFqRhaorTBNQ-20JRG-3vGm3&sig=Cg0ArKJSzFy227sur70-EAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2382&vt=11&dtpt=1776&dett=3&cstd=589&cisv=r20230614.23756&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:36 GMT
generate_204
tpc.googlesyndication.com/ Frame 536B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0h7btA
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame BFDE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BFDE
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=bc546105-74c8-44ad-b4c6-1946bf7e18b6&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:319e3af96cd7cee22dc0f193110fd3be
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
0279afcdbe6a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame BFDE
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=fIzf3I80wc0kJ86wiFUsPQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BFDE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=2e5f648c-8142-4e00-a92d-af87705ce1c9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=2e5f648c-8142-4e00-a92d-af87705ce1c9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x48 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=2e5f648c-8142-4e00-a92d-af87705ce1c9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:35 GMT
sd
us-u.openx.net/w/1.0/ Frame BFDE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=05397481-14be-41e5-b894-0f13dbdb9e9d
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=05397481-14be-41e5-b894-0f13dbdb9e9d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=05397481-14be-41e5-b894-0f13dbdb9e9d
Date
Fri, 16 Jun 2023 15:35:36 GMT
Connection
keep-alive
X-CI-RTID
abd686c7-0e40-464d-a789-71d56a619328
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame BFDE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame BFDE 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a5a4261c-7db5-4564-88b2-1ad168c0d78b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C808 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1cb5341d7f55045ee1f4414b94abf8fad4897a6ead30bdb1e7b74c3c0d0d5a2

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
861
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
ixmatch.html
js-sec.indexww.com/um/ Frame FDD1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1171
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841fa54b1f54c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Fri, 16 Jun 2023 19:35:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A499 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:36 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 1715
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x24 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:35 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1715
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0935220407a759e15bab9db9&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
/
rtb-csync.smartadserver.com/redir/ Frame 1715
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
43 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1715
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e5e56fc8-f8c3-494f-ac77-427b723826f0&gdpr=0
43 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e5e56fc8-f8c3-494f-ac77-427b723826f0&gdpr=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e5e56fc8-f8c3-494f-ac77-427b723826f0&gdpr=0
date
Fri, 16 Jun 2023 15:35:36 GMT
content-length
0
p
a.audrte.com/ Frame 1715
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Y2Y2SFJrMENuNWtTb0tlQnN6ZXgyNFVrZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGNmNkhSazBDbjVrU29LZUJz...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=7257672098865546847&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=cf6HRk0Cn5kSoKeBszex24Ukg&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=9195223259748919252&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
52.44.244.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-244-58.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Jun 2023 15:35:39 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 93A0
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:36 GMT
rum
dsum-sec.casalemedia.com/ Frame 93A0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 93A0
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 93A0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
dcm
s.amazon-adsystem.com/ Frame 93A0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4VEVBCJXCCDSXYWHNDB1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
dpm.demdex.net/ Frame 93A0 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.104.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-104-179.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v048-0a433892a.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3GjICwm3TiM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 93A0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 93A0 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame 93A0 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67802
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fa7dff2a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=14023950-a2ba-4f90-aed5-74b343999ba1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=14023950-a2ba-4f90-aed5-74b343999ba1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=14023950-a2ba-4f90-aed5-74b343999ba1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:29 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
cache-control
private,no-cache
content-length
222
expires
-1
rum
dsum.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ssp=index&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598377302679827463&ssp=index&gdpr=&gdpr_consent=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521736
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521736
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521736
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
r.casalemedia.com/ Frame 5F0D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5F0D 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67802
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fa7dff4a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 337E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=edf06667-1eee-4fe4-84fb-9790c7c37f21
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=edf06667-1eee-4fe4-84fb-9790c7c37f21
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=edf06667-1eee-4fe4-84fb-9790c7c37f21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 337E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 337E
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 337E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame 337E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4d8d12376c242171&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFzQ88GbCPpAMG8dDUAAAAAAA&expiration=1687016137&is_secure=true
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFzQ88GbCPpAMG8dDUAAAAAAA&expiration=1687016137&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFzQ88GbCPpAMG8dDUAAAAAAA&expiration=1687016137&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
CookieIndex
rtb.adentifi.com/ Frame 337E 		0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-101-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 337E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 337E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
date
Fri, 16 Jun 2023 15:35:36 GMT
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 337E 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.dicio.com.br%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67802
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fa7dff6a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:36 GMT
merge
ce.lijit.com/ Frame 9944 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=B1419C921A984094910AFB59BC53B6E3
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:36 GMT
57424
i6.liadm.com/s/ Frame 9944
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768&_li_chk=true&previous_uuid=9213b7dce58a472db246e2ea5a9472b2
  • https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:573f:d88c:2bfe:75a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=a36c8964-1168-4292-80d5-7e01d1dad768
Date
Fri, 16 Jun 2023 15:35:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
g.pixel
aa.agkn.com/adscores/ Frame 9944 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=bf58b59e-697e-4372-a811-0e8ddb8a84a1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-114.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
oio07M9uHk8qFPO3gQoB35c3Ejp3AE0bBtKjBUMdpEOMqMq_vir2Vg==
expires
0
37274
stags.bluekai.com/site/ Frame 9944 		62 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=84ce0d46-13c5-4562-b8a4-1d23c01c7634
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.129 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
3610
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame 9944 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 9944
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=0f77c06a-3e2a-5dd5-357a-c9f47e815645
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0xyj6ognk9nx9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0xyj6ognk9nx9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0xyj6ognk9nx9
cache-control
no-cache
cf-ray
7d841fa7e85c4bbf-YUL
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=1f3c8877-ba5f-4c45-bfa8-89facab7c62d
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=1f3c8877-ba5f-4c45-bfa8-89facab7c62d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=1f3c8877-ba5f-4c45-bfa8-89facab7c62d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 16 Jun 2023 15:35:37 GMT
server
_
content-length
0
crum
dsum.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0f8dd1fe-7d5d-8f26-cbe03a57
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0f8dd1fe-7d5d-8f26-cbe03a57
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
server
nginx/1.25.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=0f8dd1fe-7d5d-8f26-cbe03a57
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIyBQgAAPUaJFQAz
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIyBQgAAPUaJFQAz
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686929737.900913,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIyBQgAAPUaJFQAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 5FE0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139337
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139337
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139337
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5FE0 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67802
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fa7dff8a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:36 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame B51D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8779 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdoW3IceR89iVCmR4yYUhIeBF5L1Z2N53R0C4drEFZsKm8GuwHgn8jbrqo7TZm7KGid7-y7_ACVyxjSRz4yJN8FtnE0nWs0o6QZo3O9dT05i9nUYuQdzeMfbgXXdQNlojgfwq5fxW7-hMKqzLMItSd7dhtqIp73vpRv1p6B6dWyr3Vcv6HuBS7qXRnfBRuJ3_0-wCWHl6muUI9pMY1IDyN2UukgFxOUb3Bg8_6P_WINwt_UlQ0N8mh3LCh-HtslgAnuh688G99THWE-unI1H9SxbHGjQUrbMrQSkXpEbfejG-bK0TosZecen22Cbdl-KpGtE3LBszheys5ah2-mxTTLDlL7aX26u6gPvARxaR6NpDzdigc0sIV6eHMqy1p3E58E4v5rJzo-WgC2E8KjSJ2FQ_yABWyDhDiw3WIHwqr_l86wPag11LYTjG8lvmPiB2JkXw4t0OatEZNyjgU5Z7cHxiVhBXoUIJsXa3xwaTTHpHvUgpyLwNHE8Fpn2FiIOToAWCTMvP6LY4Byn0KLuIFu3YWFA-SSQE_-ioPHjfVraIDy_uNBdB-Lf521ezw-a-q_lYqhZ21QLOheALzmzIjZ90rRV4wMhOoKIlhzRhYzAg3WMWAWTvKlE0gROEUTc79i2vP2p9G4b5Uk9qVXI1ES5bmru16jeaic2bb6tMgMU2uUc-nGBnV10ASwzBQlIL2WWPol4438k-XIyh_koGvrbz9Ou5OWPcDEjFwSU8vVVOKFpTMBs5i4YOCzZAxulBKHqQzG9xK82pjbFMcIqg62hQm6jxk8fg3vRqf0BVlu8fd9gBfuaVIm49XR2H2ORyNhT874en9LYukqDOdN1_G8hhWNpk5XeLYj7NrfoLJHKzLRhuDRLgqscOdm4Hgj1rqQ6TOtWB_s52C4JuA-UmoQf-vfqOS6OBsqHza3WtAU9kYqxVpf7XMZlQYhWsH4Mdgui8JKR75TAyLlSQNE22hy2x_-yKAiwAuJQyG7FeBAQhKL5j223B4OR8FlYmL9ne0Pz5Y68ATtZHS7wFR9Db1SF4ezOebLCDJJ_ScPydN2kQhxWAQvxo1tGNqu27Yz5lTiuevam16C_wqeIBFXFfpOFgBEBmcLK2uvlCy95pbpb7n-pzvnatQ4uGQfHi_TpIvVKEz85zCtN09omBba_SpxV1ytD-oyd-0krDB13gEdCo&sai=AMfl-YRMfSn8DrZD3wnTHpH6_otqRyLVYnLPl7-I-l40twVBNuYmfouUPo0v5F7Jz_MEI2gbp4UslMm5H_Cx6XxSi4Ww6XQppuPhp7BRYeDeigxDtkGftG3otslSmjmH55fB-tvolb3ak4ld9QBDajH1ML9NJttr7XfHqqZXpYyZEBQS665xUaL9k192ZnHmJQN5_UeufHfcrzL3&sig=Cg0ArKJSzCUsX9auwWVHEAE&uach_m=[UACH]&pr=8:81198B6BB98A1740&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2191&vt=11&dtpt=1559&dett=3&cstd=619&cisv=r20230614.59357&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:36 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 948E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1171
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841fa5dc1d54c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Fri, 16 Jun 2023 19:35:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
beacon
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
191918db99156399b0606f8c0a308dcf617012541d6178eafaf7e9decdbac099

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
827
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 25D5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1426 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:36 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame 09E9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=4PN9fuFh8ZXL&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-rm9dk
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 09E9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
43 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x25 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=2e5f648c-8142-4e00-a92d-af87705ce1c9&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:35 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 09E9
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3b93ea6e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
LzgN2f7QE9ctyj83gdMIwKjt2DhvzmxuRZWg9S3LWOWvkTTNO8OIqg==
/
rtb-csync.smartadserver.com/redir/ Frame 09E9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZIyBQgAAPUaJFQAz&gdpr=0&gdpr_consent=
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZIyBQgAAPUaJFQAz&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1686929737.656977,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZIyBQgAAPUaJFQAz&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame 09E9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7245308046810806417&gdpr=0&gdpr_consent=
43 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7245308046810806417&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7245308046810806417&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
3718573766174295528
s0.2mdn.net/simgad/ Frame A2C4 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3718573766174295528
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74c347db1f3d766f72beaee4d19f6425fcedb5c8032ac07e6bd22744e28a4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 07:35:24 GMT
x-content-type-options
nosniff
age
547212
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11544
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 07:35:24 GMT
1370513842445631688
s0.2mdn.net/simgad/ Frame A2C4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1370513842445631688
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbfad5284449012054adb538a7c71f08c3f76b61acf0039bb713161ab32deae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 23:23:19 GMT
x-content-type-options
nosniff
age
144737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8539
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 23:23:19 GMT
arrow.svg
s0.2mdn.net/sadbundle/911325707060117504/ Frame A2C4 		1 KB
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/arrow.svg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 22:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 22:04:10 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame A2C4 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
4801716459453162608
s0.2mdn.net/simgad/ Frame A2C4 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
usync.html
eus.rubiconproject.com/ Frame EFEA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:36 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 45F4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1171
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7d841fa62c7454c1-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Fri, 16 Jun 2023 19:35:36 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5144 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13406526
  • https://ce.lijit.com/beacon?informer=13406526
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
87023d9a57d9837775306882ea25d28c3380b7c9a8191b3296466374b0a210ee

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
829
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:36 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13406526
/
rtb-csync.smartadserver.com/redir/ Frame B60A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=smartadserver&bidswitch_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=c60f4c52841cf4875c3a9faa17934494&expires=30&ssp=smartadserver&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
43 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame B60A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
43 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=NlEeHRMbmPui4ApJw2rW
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame B60A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
23ab23bf-1df9-4ced-90e1-7dc0937c375b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
genericusersync.ashx
sync.tidaltv.com/ Frame B60A 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1c96:4102:4bd7:5264:40b8:b37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
get
uipglob.semasio.net/id5/1/ Frame B60A
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-b0d7B-wf5wCmt6Nve8ZAoJl6FVf4wprmhZxuWyMBhw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/8/2.gif?puid=9195223259748919252&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&ttl=%%TTL%%
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-Cnection
close
Content-Length
0

Redirect headers

location
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rum
dsum-sec.casalemedia.com/ Frame 2DA7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2DA7
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:36 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740936&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 2DA7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:37 GMT
crum
dsum-sec.casalemedia.com/ Frame 2DA7
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
dcm
s.amazon-adsystem.com/ Frame 2DA7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5V531PAS58E6B86JNJW7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
dpm.demdex.net/ Frame 2DA7 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.104.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-104-179.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v048-09f482483.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ShH2ZazMSF4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2DA7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2DA7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x48 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:36 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2DA7 		43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67803
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fa858c2a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:37 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame A165 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 41D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59870
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:36 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
17599489344345796850
s0.2mdn.net/simgad/ Frame A79C 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17599489344345796850
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a20804ca4dfd32554b433757577c5eb6c689316d78cfd365feb8fe620a03124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:17:50 GMT
x-content-type-options
nosniff
age
263866
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41326
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:14:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jun 2024 14:17:50 GMT
6935945811615804581
s0.2mdn.net/simgad/ Frame A79C 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6935945811615804581
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37b251a1907f60bfe325f2d0c45fe475d890906366e7708d9e4aa165c1d39d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 03:00:41 GMT
x-content-type-options
nosniff
age
563695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25910
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:18:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 03:00:41 GMT
arrow.svg
s0.2mdn.net/sadbundle/6720283131112325120/ Frame A79C 		1 KB
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/arrow.svg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 05:59:29 GMT
11649868593100729016
s0.2mdn.net/simgad/ Frame A79C 		551 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11649868593100729016
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564477
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:47:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
17885380010290837781
s0.2mdn.net/simgad/ Frame A79C 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17885380010290837781
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390726
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:57:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4CF0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGdL8wL2AqIaxg3AHwCMROzT1fepMd3wnipeDRNz4GylzqCiGVnwPO2rVYQY4z-zif4kyV7pojRGZTzbS2oyc11c9i36Myku8&sig=Cg0ArKJSzJHsWg88OXfQEAE&id=lidar2&mcvt=1333&p=0,0,250,300&mtos=1333,1333,1333,1333,1333&tos=1333,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731567&rpt=3717&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 983F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
3718573766174295528
s0.2mdn.net/simgad/ Frame 05A4 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3718573766174295528
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74c347db1f3d766f72beaee4d19f6425fcedb5c8032ac07e6bd22744e28a4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 07:35:24 GMT
x-content-type-options
nosniff
age
547212
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11544
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 07:35:24 GMT
1370513842445631688
s0.2mdn.net/simgad/ Frame 05A4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1370513842445631688
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbfad5284449012054adb538a7c71f08c3f76b61acf0039bb713161ab32deae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 23:23:19 GMT
x-content-type-options
nosniff
age
144737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8539
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 23:23:19 GMT
arrow.svg
s0.2mdn.net/sadbundle/911325707060117504/ Frame 05A4 		1 KB
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 22:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 22:04:10 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame 05A4 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
4801716459453162608
s0.2mdn.net/simgad/ Frame 05A4 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 431A 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68ab0b2c948d2e85a9757fdd30098f69edb9c8a94ab16c8605804c1a4b8e3d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5814
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 431A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 36F7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 2F7D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
17599489344345796850
s0.2mdn.net/simgad/ Frame F4A4 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17599489344345796850
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a20804ca4dfd32554b433757577c5eb6c689316d78cfd365feb8fe620a03124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:17:50 GMT
x-content-type-options
nosniff
age
263866
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41326
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:14:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jun 2024 14:17:50 GMT
6935945811615804581
s0.2mdn.net/simgad/ Frame F4A4 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6935945811615804581
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37b251a1907f60bfe325f2d0c45fe475d890906366e7708d9e4aa165c1d39d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 03:00:41 GMT
x-content-type-options
nosniff
age
563695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25910
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:18:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 03:00:41 GMT
arrow.svg
s0.2mdn.net/sadbundle/6720283131112325120/ Frame F4A4 		1 KB
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 05:59:29 GMT
11649868593100729016
s0.2mdn.net/simgad/ Frame F4A4 		551 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11649868593100729016
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564477
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:47:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
17885380010290837781
s0.2mdn.net/simgad/ Frame F4A4 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17885380010290837781
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513195
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390726
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:57:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EEF5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKO-62Yq9y4X4INBWbAD5tCJQ7t7vS7v1rYzFnfWKdPwbEFkojlNHbd4lxLQyi1DrH2xJIplN4eCwMEqjI2_fokK6O&sig=Cg0ArKJSzGwBA1JX-dMGEAE&id=lidar2&mcvt=1301&p=184,978,434,1278&mtos=1301,1301,1301,1301,1301&tos=1301,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3744028455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731421&rpt=4009&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 6368 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
merge
ce.lijit.com/ Frame 3A47 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3A47
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_1045D5231_63DBDD6A
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_1045D5231_63DBDD6A
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_1045D5231_63DBDD6A
Date
Fri, 16 Jun 2023 15:35:35 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-369934519; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 3A47
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-06edef9c2dd70d070@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3A47
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=448177783061932911
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=448177783061932911
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=448177783061932911
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 3A47
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3A47
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=openx&bidswitch_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=c60f4c52841cf4875c3a9faa17934494&expires=30&ssp=openx&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 3A47
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame F0E5 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F0E5
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33646_1045D5232_63F18A3A
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33646_1045D5232_63F18A3A
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33646_1045D5232_63F18A3A
Date
Fri, 16 Jun 2023 15:35:36 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-369934519; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame F0E5
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-0a8ecd2a7e9b07273@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=qJTDG1a51Qabu95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F0E5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7257672098865546847
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7257672098865546847
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7257672098865546847
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame F0E5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=t1g6BrldNlKsVWcBs1svBLNaOlKsWTJT51yxr5vO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F0E5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b1e30950-dec4-41f2-a0bb-8189deea1c8d&expires=1&user_group=2&ssp=openx&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame F0E5
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=968625788307119378
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
view
googleads4.g.doubleclick.net/pcs/ Frame 90E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkVF2pFrbOChz_oNUtuMpZxQ8CWc0oX9_Vo74zbS2beQkQQ3vfwAAUwR2u_ygRmPn3jc__wptAWbcnZ0LDzxeb0TUdnmdBuLYWdaTchL4LEm1ym5jjF065dVPnOgApho6S_98C5K_t-C3_HbLKpmToSKlc99kdg-HqyvWzatcvX8oPYzllWA9FGi7dQA7AwJwD82RX1c3oL7nZMAl5jjR06MX4zF7r7SBeVahGytLFt3S-4RXo-eYEQrz4Xy-ZbHGOJfkcew2SnuxTcypcqLHaak306WPkWKU5-QYAtMvjHXvykZgY8eUBS9HyHulu9tXsA0MfG92YSkKVPxIQw4QNqAbQb1aKNj-Bo-HiHUWednECjAeP7CqlI-8o4uQEGimzRA6BuAU3hpzfkmzFEzOdUdT3vOG7hPKcYcmFgS4dj0nFV_36ZFVNjdm5spPVjbxDTwG8Q1puaRbHuwxXBw1PTBH8YQ7nfoRrKwbeNmEBLoHWB24sNOjUmHfy6jjylpbMtA047qNayd8-YaLzEu8mpcq_yoyosb0P6k8Tl3tT7eohjaDeGP-571vxLIlJEnU5EdMnbirsdWZgzK-3CypkYuD9h4Jqw1oipZP_Lal1YWBmRoSbbqosu4LJeRHydd1xGOC69T3XE6XUFqAoa7Ox8NdigXYQ6h2q39ZbRj-Hw7NQa0rjzyDwhz7Mdhb90x5nrgKtjq0doZoL9BMNfkXZl-IVooTej6QaG6lE4a_DQ4JIL9LBfAmhRwIFgCp5kjkFeutzKyeQlmKZxIN4b4H9He0a5ynuWLG3IkAsgYy2WB8L-scAwzEoqodaqmAGWD4j9tf6PKCcZ4pLbBKF3cATP3CQWVtH4u9w9PKv_mCFMqoOUWVT8wBlGltkmw9XLyCUVcL7oawBJ08lFAnOCnhFdGvLIsEOkgxOR1dOpacJZmgRJllxbI9kvYqC_MLiGvv5bNLomZ7GQILJPEIv_JdomJlsZuXpoiO2_FR3Npby5tgzDLt-XApQ_n-IGtLg3IoTGttBB0MXoodApxIh9rIsV8neBITYq6Q0-xNUvJy1H63h-F3MwVJkFIOgfY15yG9hh1YGD-yK2H7u5-NDAtewL43dbDx2aGM5ZO3wdIASveIXmUoFrVuuZRI4TJJ8ZV7zPYKj3abUTHW-OWYOxc0EH4KbD5mhTJgDqibx4Top&sai=AMfl-YSI-1_YH37UmrhfdQO90YGT048G75qyxje6m5tUwa1vfj5bqQFG68WdukpkSgzK5BbLW2nYjkXXfkta-5Qs8_EmlSu6ENmD6LzUZgTBbpZxtywpz3ZRwv0qdeEqt2HsvkmKNokx4yuxKsYdNz6z6nQU5QUE2-g3z3JPUYbRGck9RIX2ZI6n-X3xaapQ0c5SbI8APx3x81SG&sig=Cg0ArKJSzLNOSH5fN76lEAE&uach_m=[UACH]&pr=8:0393A9E3EFF2D21B&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2375&vt=11&dtpt=1773&dett=3&cstd=587&cisv=r20230614.48232&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:36 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 9A70
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.128.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-128-167.compute-1.amazonaws.com
Software
/
Resource Hash
d8a4114dd7ab0232f190d0ab9af330576317daa0221978f78235da3c9af1cc4a

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 16 Jun 2023 15:35:37 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:36 GMT
location
/um/cs&eq_cc=1
cs&eq_cc=1
um2.eqads.com/um/ Frame 2079
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.128.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-128-167.compute-1.amazonaws.com
Software
/
Resource Hash
d8a4114dd7ab0232f190d0ab9af330576317daa0221978f78235da3c9af1cc4a

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 16 Jun 2023 15:35:37 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:36 GMT
location
/um/cs&eq_cc=1
usync.js
eus.rubiconproject.com/ Frame A499 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:36 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74394
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
usync.js
eus.rubiconproject.com/ Frame 1426 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74393
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
usync.js
eus.rubiconproject.com/ Frame EFEA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74393
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FD1 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8296629820691&version=m202301230201&ct=76&x=1&cor=1845350794517337600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
948a6b94290f
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=G03niPZH5lRXKpa0QfmyLxxR&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=791276946469
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=791276946469
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=66&3pid=791276946469
Content-Length
0
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT, Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
sync.targeting.unrulymedia.com/csync/ Frame 5073
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1718303100
  • https://sync.1rx.io/usersync/tradedesk/0fd146a2-2ce7-4bf7-884c-487b3aa91b71
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598377302679827463&ssp=fmx&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bc536fca-af38-4510-b950-06f9fef4f658
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 5073
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5073
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 5073 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 5073
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1720505703&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sg_GPT&ea=ImpressionViewable&el=%2F1062898%2Fdicio.com.br_new_mrec_home&ev=0&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=350313747.1686929729&tid=UA-10605777-8&_gid=1136156445.1686929730&gtm=45He36e0n81N8R4QNX&z=1329991718
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 08:55:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24021
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F28D 		0
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT, Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Content-length
0
pixel
cm.g.doubleclick.net/ Frame D1B2
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame D1B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
sync.targeting.unrulymedia.com/csync/ Frame D1B2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=815516820
  • https://sync.1rx.io/usersync/tradedesk/0fd146a2-2ce7-4bf7-884c-487b3aa91b71
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10598377302679827463&ssp=fmx&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D1B2
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ee3391fd-8076-432c-83a4-c0a19521d5b0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
587c5b4d829b
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame D1B2
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 431A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:37 GMT
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=648C81483D38189FC8FCFE9FBLIS&gdpr=0&gdpr_consent=
Content-length
0
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=X6eQx8cX9MYIG3v0sS6B&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT, Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1B8B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6790614616
  • https://sync.1rx.io/usersync/tradedesk/0fd146a2-2ce7-4bf7-884c-487b3aa91b71
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
42 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:39 GMT
Server
Tengine
ETag
RX260b4f2fb7994697b49ae40376b4d98e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Content-Type
text/html
Connection
keep-alive
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 1B8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=G03niPZH5lRXKpa0QfmyLxxR&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
server
Aorta/20230614.aac0e811a
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:319e3af96cd7cee22dc0f193110fd3be
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
0279afcdbe6a
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1B8B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=S0bjrEVD7_hQS76rT0X2rk9E4_hQR-v5G0KOF3Uk
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1B8B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
49d3a550-ab65-4b92-a98b-3b56322b96e7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 1B8B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=6c8b0ba5-a158-47ce-9300-413aabcb94d3&ssp=fmx&gdpr=0
  • https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929736753&oz_l=4218&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:36 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7349 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53ef9ae0706da716c89de4ce9a8cdebbde3b80076bc39857ab88c3df43ea105d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5654
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 7349 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A256 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
aeb61c3afc69fcf35f7a3cbab81358ce9704ef4abbea93558a7a1db676d6638d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1429
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:37 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3F44 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8699f09d30935ee3dca9a31c9b8d142115d1a0f2386ecc672656fe54a7e47112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5665
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 3F44 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 06:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 06:11:30 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 52A6 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6685944&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
77939a2e6a90ca70375d7c41d347a68883f8f05d16689af346835b1de6b8e187

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8779 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBi84U_qcEnfRu8dkB1hMhUhvbl6WOe3hABfx1DrfMT9Vfpm8f3lwp3I0GlatX0MA_dbIgHZ9krsKl3H8iQQA8Vsu-6gZthYA&sig=Cg0ArKJSzPrIsjPbFh8UEAE&id=lidar2&mcvt=1391&p=0,0,250,300&mtos=1391,1391,1391,1391,1391&tos=1391,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731601&rpt=4228&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 90E5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8qa0HkbsTHZM1z45QqLf22ZctTBO11WdFP4X9zk6iHo1ARRzam-SC9LFllaHxbaoTvuHo_t7H4j1YNKjJ4E-EgyyI8qQr47s&sig=Cg0ArKJSzK-HXhqL-kdFEAE&id=lidar2&mcvt=1394&p=0,0,250,300&mtos=1394,1394,1394,1394,1394&tos=1394,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929731559&rpt=4314&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5A14 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b9bf40d854f31b2a3f898304b6bafff7a5b212d479bc8f62402d393e3fb3635a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1292
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:37 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 10C6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
bf618333634a926d0872fe038848783bdf0bc51476621228d150778d97f7de7f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1821
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:37 GMT
Expires
0
Keep-Alive
timeout=1, max=495
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
truncated
/ Frame A2C4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD26 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59869
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A2F8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59869
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame ECAB 		817 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
26dcff3bf61c2c77229496cf2251782cafb598cf31691d6233858c6310e22b7f

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
515
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
4801716459453162608
s0.2mdn.net/simgad/ Frame A2C4 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame A2C4 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=VR116lXY3h&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
truncated
/ Frame 05A4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
4801716459453162608
s0.2mdn.net/simgad/ Frame 05A4 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame 05A4 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=iIWSyKcJjj&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4AAF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59869
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5FAC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59869
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 451D 		794 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b685be923a691797281736076d174a1283860be2e316041f058da186b49e635d

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
438
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C337 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59869
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D6B5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59869
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 14A8 		794 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13406526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b685be923a691797281736076d174a1283860be2e316041f058da186b49e635d

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
438
content-type
text/html
date
Fri, 16 Jun 2023 15:35:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame A79C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
17885380010290837781
s0.2mdn.net/simgad/ Frame A79C 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17885380010290837781
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390726
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:57:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
11649868593100729016
s0.2mdn.net/simgad/ Frame A79C 		551 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11649868593100729016
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=I4GYh8U37T&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564477
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:47:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
truncated
/ Frame F4A4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
17885380010290837781
s0.2mdn.net/simgad/ Frame F4A4 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17885380010290837781
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390726
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:57:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
11649868593100729016
s0.2mdn.net/simgad/ Frame F4A4 		551 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11649868593100729016
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=E3NfvubekV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564477
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:47:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7349 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:37 GMT
crum
dsum-sec.casalemedia.com/ Frame A256
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:37 GMT
rum
dsum-sec.casalemedia.com/ Frame A256
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A256
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740938&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740938&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740938&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
bridge
cm.adgrx.com/ Frame A256 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.83 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame A256
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72c3717f-b617-4d42-b055-11bad514223e&expiration=1718552138
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72c3717f-b617-4d42-b055-11bad514223e&expiration=1718552138
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72c3717f-b617-4d42-b055-11bad514223e&expiration=1718552138
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame A256 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0BA7J72EWY3437776CN7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A256
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADU507JGQMAACEM6-pGFA&expiration=1688139338
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADU507JGQMAACEM6-pGFA&expiration=1688139338
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADU507JGQMAACEM6-pGFA&expiration=1688139338
Date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame A256
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521738
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521738
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f7f05902823d4015be08a20cdbf5ce94&expiration=1689521738
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A256 		43 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67804
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841faf1b72a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3F44 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:37 GMT
crum
dsum-sec.casalemedia.com/ Frame 2079 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=0e185734-fd32-4ea3-9fca-2ca5e938dcca&expiration=1694878537
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0
crum
dsum-sec.casalemedia.com/ Frame 9A70 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=0e185734-fd32-4ea3-9fca-2ca5e938dcca&expiration=1694878537
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF0 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5071363388619&version=m202301230201&ct=76&x=8&cor=8407216993199261000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame 5A14 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.83 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:30 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b177b04d-40a8-4a61-9855-48f49740982c
cache-control
private,no-cache
content-length
222
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139338
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139338
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7257672098865546847&expiration=1688139338
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
r.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2359921639606788299
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2359921639606788299
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2359921639606788299
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame 5A14
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_ab31e695ed944bb18bfef
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_ab31e695ed944bb18bfef
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_ab31e695ed944bb18bfef
date
Fri, 16 Jun 2023 15:35:37 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5A14 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67804
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fafbc5aa214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:38 GMT
crum
dsum-sec.casalemedia.com/ Frame 10C6
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1702740937&external_user_id=276bcaeb-211e-46bb-8f28-7eca6b2ccfca
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 10C6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Jun 2023 15:35:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B1419C921A984094910AFB59BC53B6E3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Jun 2023 15:35:37 GMT
rum
dsum-sec.casalemedia.com/ Frame 10C6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eD5LA3Y7R1djMxYEfD1eAXw8S1djP0NWKDoxgeH_
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame 10C6 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.83 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-3
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 10C6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662098136136277
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662098136136277
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
503
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662098136136277
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d841fafd8f333f7-YUL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 10C6
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=9195223259748919252&gdpr=0&gdpr_consent=
date
Fri, 16 Jun 2023 15:35:37 GMT
content-length
0
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 10C6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 10C6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=qJTDG1a51Qabu95
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=qJTDG1a51Qabu95
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-06edef9c2dd70d070@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=qJTDG1a51Qabu95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 10C6 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnucleads.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
67804
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d841fafeca4a214-YYZ
content-length
43
expires
Sat, 17 Jun 2023 15:35:38 GMT
merge
ce.lijit.com/ Frame ECAB 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
CookieSyncOpenX
rtb.adentifi.com/ Frame ECAB 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-101-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:37 GMT
/
csync.loopme.me/ Frame ECAB 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=467b79b0-8062-4c66-9f58-8977ebeb8eb5&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.161.112 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
112.161.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame ECAB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=aae1245d-b3cd-417d-b508-3ce0a992eebb
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662098136136277
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662098136136277
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
686
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662098136136277
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7d841fb3bf11ecf6-YUL
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame ECAB
Redirect Chain
  • https://sync.1rx.io/usersync/openx/30ec4582-5d07-4a88-92be-dbeffdf45afb
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Tengine
ETag
RX260b4f2fb7994697b49ae40376b4d98e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Content-Type
text/html
Connection
keep-alive
sd
us-u.openx.net/w/1.0/ Frame ECAB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADU507JGQMAACEM6-pGFA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADU507JGQMAACEM6-pGFA
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADU507JGQMAACEM6-pGFA
Date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame ECAB 		61 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=6bf63c7f-8db2-4203-a11c-fc69e9a3845b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:38 GMT
merge
ce.lijit.com/ Frame 451D 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 451D
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=dd3a185d-8a35-4ef9-989d-689aebe82e80&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 451D
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_fd44b766-95e6-4dc7-ade2-541e494039d6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_fd44b766-95e6-4dc7-ade2-541e494039d6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_fd44b766-95e6-4dc7-ade2-541e494039d6
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
6
tr.blismedia.com/v1/dpusync/ Frame 451D
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=648C81483D38189FC8FCFE9FBLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D648C81483D38189FC8FC...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=648C81483D38189FC8FCFE9FBLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:40 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 451D
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=385d59879c691492&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-lQNoCT18AAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-lQNoCT18AAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-lQNoCT18AAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 451D
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7402161381191044652&uid=Q7402161381191044652&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161381191044652
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161381191044652
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:39 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161381191044652
Content-Type
text/html
Cache-Control
max-age=86346
Connection
keep-alive
Content-Length
154
merge
ce.lijit.com/ Frame 14A8 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 14A8
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=dd3a185d-8a35-4ef9-989d-689aebe82e80&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=791276946469
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 14A8
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_a5d78291-c900-41d3-8719-58de46375dc1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_a5d78291-c900-41d3-8719-58de46375dc1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_a5d78291-c900-41d3-8719-58de46375dc1
date
Fri, 16 Jun 2023 15:35:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
6
tr.blismedia.com/v1/dpusync/ Frame 14A8
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=648C81483D38189FC8FCFE9FBLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D648C81483D38189FC8FC...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=648C81483D38189FC8FCFE9FBLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:40 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LIYQEMLE-B-GF3X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 14A8
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1d28d45562732171&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-mQNaU8nfAAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-mQNaU8nfAAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAHTuJb-9V-mQNaU8nfAAAAAAA&expiration=1687016138&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 14A8
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7402161382137559395&uid=Q7402161382137559395&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161382137559395
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161382137559395
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:39 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7402161382137559395
Content-Type
text/html
Cache-Control
max-age=86346
Connection
keep-alive
Content-Length
154
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8779 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1357984827745&version=m202301230201&ct=76&x=8&cor=15107947211301724000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90E5 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6662210744106&version=m202301230201&ct=76&x=8&cor=17805734626571071000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 451D 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame 14A8 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=cf348b20-cc06-42ee-85ef-34a123fd29d5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929738019&oz_l=154&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
Pug
image2.pubmatic.com/AdServer/ Frame A4E7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 16 Jun 2023 15:35:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4025
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:57:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:37 GMT
expires
Fri, 16 Jun 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
682340
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 97ED
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:56:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:38 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=70ddfbea-0c5b-11ee-829c-b199bfe3b49c
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
Pug
simage2.pubmatic.com/AdServer/ Frame C52B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:57:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jun 2023 15:35:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=QmPwlEyTXoVQwRwNm3kqx5U4mbg&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1388
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qJTDG1a51Qabu95&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qJTDG1a51Qabu95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Jun 2023 15:35:38 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:qJTDG1a51Qabu95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-06edef9c2dd70d070@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 48FC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791276946469
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791276946469
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=791276946469
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 0CEF
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=72c3717f-b617-4d42-b055-11bad514223e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
42 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.58.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-58-84.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 16 Jun 2023 15:35:38 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 0CBC
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
42 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame E0DE 		43 B
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7d841fb29d48ecf6-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame CEB4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=3812646979
  • https://sync.1rx.io/usersync3/mediamathtest/1508/2e5f648c-8142-4e00-a92d-af87705ce1c9?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:38 GMT
ETag
RX260b4f2fb7994697b49ae40376b4d98e005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 26E4
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 834E
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mmXYKf62ARWWNDIrS4GMZA
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mmXYKf62ARWWNDIrS4GMZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:56:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:39 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=mmXYKf62ARWWNDIrS4GMZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 4FC9 		43 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 4A77
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=99c0a2ba-c407-4d71-a929-c4a35950d27a
1 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=99c0a2ba-c407-4d71-a929-c4a35950d27a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=99c0a2ba-c407-4d71-a929-c4a35950d27a
strict-transport-security
max-age=15724800; includeSubDomains
pub
matching.truffle.bid/sync/ Frame BA6E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.40.90.157.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 16 Jun 2023 15:35:38 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 10BE 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:39 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-ce3a8e7e3a54@version_1.554
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame AEB9
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7402161381508317360&uid=Q740216138150831...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7402161381508317360
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7402161381508317360
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:52:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=86346
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:39 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7402161381508317360
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame CBD8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3&gdpr=0&gdpr_consent=
1 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 16 Jun 2023 15:35:38 GMT
expires
Thu, 15 Jun 2023 15:35:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B1419C921A984094910AFB59BC53B6E3&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
merge
ce.lijit.com/ Frame EBD5 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:38 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
396846.gif
idsync.rlcdn.com/ Frame 52A6
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f61c2a86-ebf5-4e83-9d2a-02f462d7775f
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f61c2a86-ebf5-4e83-9d2a-02f462d7775f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:39 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 16 Jun 2023 15:35:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f61c2a86-ebf5-4e83-9d2a-02f462d7775f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246/gdpr=0/ Frame 52A6 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.219.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-219-236.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.42.157
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 52A6 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame 52A6 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-231.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 52A6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3Dbb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://rtb2-useast.marketiq.com/sync?adkuid=A652393035817929802&exchange=685&ssp=pubmatic&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A652393035817929802&expires=5&ssp=pubmatic&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=
1 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 16 Jun 2023 15:35:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 52A6 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-101-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:38 GMT
sn.ashx
pmp.mxptint.net/ Frame 52A6
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_1045D5232_63F18A3A&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-369934522; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:38 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-369934522; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 16 Jun 2023 15:35:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 52A6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:57:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:37 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 52A6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7257672098865546847
42 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7257672098865546847
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 15:35:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7257672098865546847
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 52A6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7868782405983581932
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7868782405983581932
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:57:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:39 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
07df7206-7370-4881-850c-23467fb63b36
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7868782405983581932
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 52A6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fdf26f3f-e4c8-431b-918b-1bd66ba6ecf2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fdf26f3f-e4c8-431b-918b-1bd66ba6ecf2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Jun 2023 13:56:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fdf26f3f-e4c8-431b-918b-1bd66ba6ecf2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 16 Jun 2023 15:35:39 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
track.adform.net/Serving/Cookie/ Frame 6FF2 		92 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9fae3fa909537585985cd01ae9464d7bbb0c381c0577e9aecf9fec5a30fc8c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
201
expires
-1
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame 6FF2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADU507JGQMAACEM6-pGFA
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADU507JGQMAACEM6-pGFA
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Fri, 16 Jun 2023 15:35:19 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AADU507JGQMAACEM6-pGFA
Date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/58170/ Frame 6FF2
Redirect Chain
  • https://pixel.advertising.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=1&gdpr_consent=&_origin=1&redir=true
date
Fri, 16 Jun 2023 15:35:38 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.57
content-length
370
content-language
en
/
sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/ Frame 6FF2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58368/occ?gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-h6oDHolE2uEKi0eMqoKCtbI33_dPGmCPxfnBZ.E-~A&gdpr=0
95 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-h6oDHolE2uEKi0eMqoKCtbI33_dPGmCPxfnBZ.E-~A&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Fri, 16 Jun 2023 15:35:19 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1334b6ec0ff0dc970481738a2374448c/?uid=y-h6oDHolE2uEKi0eMqoKCtbI33_dPGmCPxfnBZ.E-~A&gdpr=0
date
Fri, 16 Jun 2023 15:35:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 6FF2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7868782405983581932&gdpr=0&gdpr_consent=
95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7868782405983581932&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Fri, 16 Jun 2023 15:35:19 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 16 Jun 2023 15:35:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
929aabbb-b9db-411e-b65b-e3026261a9ae
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7868782405983581932&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame 6FF2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Fri, 16 Jun 2023 15:35:19 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 6FF2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=edf39634-495a-42b3-acef-0zz1686929731
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drichaudience%26bsw_param%3Dbb6b4e3f-4d9a-4ab2-b007-b89982...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9&expires=30&ssp=richaudience&bsw_param=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_ps=
95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Fri, 16 Jun 2023 15:35:19 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_ps=
Date
Fri, 16 Jun 2023 15:35:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=5916&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A4018%3A673&aa=1&ad=5731&cn=1023&gn=1&gk=5731&gl=1023&ik=5731&ic=5731&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5085&cd=717&ah=5085&am=717&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=3&tc=0&fs=203695&na=1610928772&cs=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:38 GMT
3718573766174295528
s0.2mdn.net/simgad/ Frame 431A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3718573766174295528
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74c347db1f3d766f72beaee4d19f6425fcedb5c8032ac07e6bd22744e28a4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 07:35:24 GMT
x-content-type-options
nosniff
age
547215
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11544
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 07:35:24 GMT
1370513842445631688
s0.2mdn.net/simgad/ Frame 431A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1370513842445631688
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbfad5284449012054adb538a7c71f08c3f76b61acf0039bb713161ab32deae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 23:23:19 GMT
x-content-type-options
nosniff
age
144740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8539
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 23:23:19 GMT
arrow.svg
s0.2mdn.net/sadbundle/911325707060117504/ Frame 431A 		1 KB
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 22:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 22:04:10 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame 431A 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
4801716459453162608
s0.2mdn.net/simgad/ Frame 431A 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 0FF3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 360E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306120101&jk=1793647499183307&bg=!09Cl0ITNAAaGYqkwpmI7ADkAdvg8Wm2C-34NGfR9F3iaN6pYGJyO-6_hOeDxOSeYeOYNSdhmTaoUTBOrNhqeUSk5SeqpohNi4W8CAAALBFIAAAAFaAEHmQMQI6L6xysONySoSvQHKbIWhvxIps72gaT7ip5Uchr5498qoldmlcl9s0-BkPl4TAzlssbQVChBGKizPTTat4fcgP0Bv9kmoGmLzZRlDJIZ3R8RvC6atKvAKwZ3zoMNnfnKflHBrwGi6ejwqrp68mpvqhYeXVLePE9OjSCF4MKJ1DEsaxjLJvYGU-8eaj1hGdicSYSUvTHDkbIsrcNT1gZFX0aTYWIYIH9miyn2hoWgGCyO5gwQC-IEy3C4ciIuMCx9kDKsWRAjgLHGyMRcS-_0JSNY0tNFeCtOumDa8NdgUEyaGi4j9l2s1_ITBhLVm3t_FyvHUFHQ7ymACEzzoDaRo8I9HXz2BLeRpuIPz8UA9jTWAhU9ks1wWFaAwSmSX4kyQ3wmmS1ih1JXnFx9oGOHA0DDqJG6NDdLn6u20VcHmjF5iRGm6r1CuYyz9yuN2DZe7lsTA8aUCMdyayV2CgeubbCI4P12ev9PBd0u0ZKVOXBpMXUm5U0xRkCR51U6Pvpc4sWcnFUE-7vZafWnN92Q3fsuHcC4peTpN6hB0Tu9nXePjBu7YKo2kX9PeM71oAJ-fP7V5l-rfHPRVr70M0sNf_MQVxwLfxv0K9kn-GwIB1ukSoUo5TRkbxZc9E_3QfSrcAsmLMrCg6fgqPu-k2duY84gOTu2xxL_XM4-7Cb7qGN0XhbeR4I-NWcU-p9HchywOhiMS49IzGHJ-6ofGEbXuNzrGrru0RxICHdGaJiU3n4FrfKtFjwbyrTXoaKObz_8AfmSKBArZHLxuoogyjwJp8tHqEDBnJY7Oe4e18R_yJet0fRfBHXeSMPHxMuTv_sckTty0hRWLotLoknNSI553wpKkKYQ-3DzViY306IgM6gi5-_OduqaW6oPnOBvLpBXUn212s07tywFTnZMjvuzZR8JBXNCbsXY7B4eZf1xSXsn9ioEZM2KKUAiFkIRdTyoQHTvNhGx3UQ0QpoGfPzFpOdloGgngZva-7Lu5Qp0H5BwDgGV_5SV1O8ejayKlUUVdWVNc6oLZj_OtoXuDkOOoA
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 369D 		573 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10261486&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
73dd30b9caf91c89a83a07599a85918d9097bd01e78eff87020953a4fc0dce7b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:38 GMT
content-length
573
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 1B34 		637 B
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82877288&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
949ef7fe964165bb6d854edd00313b8b61d8dc3df850ada94d61a506eae9b3b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:38 GMT
content-length
637
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2D6 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6co5RIGMZMTgLY2xzwX-orP4CgAAAAA4AeAEAg&bg=!KyilKHzNAAaGYqkwpmI7ADkAdvg8Wk9k_nN6IgzG4BGyypn1Ly2Ia9KRzPuYW7WCIqjTqtpMOjKTMFaLlEPow7mch0nd85ik_5sCAAAOGlIAAAALaAEHmQMlApMNla6RAdbFnALkCsSAiu-IRk2cTS1PL-dzzQ1UKh_iL1jcIkIUqrr_nWsNKYJU98Lw5U59m7bBQTYhbOjrs8Ea8OFEI73PkIoF38fsm091-hPw2FEL6X-TfwnHRdNU3Z2CD8S5esJP8dEvYjkIztLTaAs8PFAA03WsHlk96rr-ZxUk3dLMifCOC5A2InEB7gfl42fPPwQzjwfP7uJ5FgEFHtIT4-GvYOyFanS9UarZgyQ76eLEYRVDYzvxjPtnwHF0w1gPh_VniOXjgnm7o7rPR09t4sumue_6GW-u9zRkOy998dz-AF1eYxoCRh9cILsAKmenQyJmGcYe8AumSbX2POcRV01a3QQ3dgNhPNi-h7LuNkY3jOy9bIehm0LQegV4KsFeCM8kmCSeKhI4_Xr7Jo5enZn-dOvXiJ5mQng9yMyJjPBHQHmT9P_LwP5J2MbzYm8aGzF3Ei6eZKn4yWMKIpuN4dAo-dEKlNP-DYtbHJujeSM_iXD5G2lvmrySoGjyh8Pa7c4xAK2GS0aoRDu8Ru7t_Tz3S06Hr-v7bl0zMA3E9OOsFg5ilhT9q6X6GLoyjQTLimre7gLsmwEzerGI1cr9LEN2t0Ef0FA4riwlWEuws0SMNO8mcaV-yZsHBy2KW4nR7m95XCSzxWTDf7cVgUJ_a7gSV19LUNrSE1-G1DMVcDmt3BsI7ikL6Ocy2BcaH2vIvMsasjcKaILtPz6QjrnKAXVK2I2FoY1D7_QlR97o0HrhiEwwJCtAvO55StEgDzhi5PqqKjUhyKE-b6GL0gNai1ES8KiPtuBZsjuLaMFTZ4AUBPCWdvYi-O5RCb8mEaJxQBY0CYn_SqQfTBzfd337qM5X6FWmOv7vQvvcAbNIGhsSUXcM7jAQZwJh9uaYTCA5JsXUlDeQ5UEuszls26linSGs98UEmv7kXlisRnRRNt4ZQs9sIudJh15DTKTYxavkZS91cuXausu94TwZ3fnX7fM3ykkBhCg35BcW1KHeePO3jD-vbGJzMWRyOhOIJVtponJhVJii1-3NNyoGbsWp28vKuDM8rshKp3Yw_tutbw
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AC5E 		164 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72639198&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
145d24d0b6cccec903d3f623287441c4db2fe37798915fa381b0424656975003

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:39 GMT
content-length
164
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=6416&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A4018%3A673&aa=1&ad=6230&cn=5731&gn=1&gk=6230&gl=5731&ik=6230&ic=6230&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5898&cd=5085&ah=5898&am=5085&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=3&tc=0&fs=203695&na=620288186&cs=0
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:39 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame BBB4 		47 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32974649&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:39 GMT
content-length
47
content-type
text/html; charset=UTF-8
17599489344345796850
s0.2mdn.net/simgad/ Frame 7349 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17599489344345796850
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a20804ca4dfd32554b433757577c5eb6c689316d78cfd365feb8fe620a03124c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 14:17:50 GMT
x-content-type-options
nosniff
age
263869
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41326
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:14:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jun 2024 14:17:50 GMT
6935945811615804581
s0.2mdn.net/simgad/ Frame 7349 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6935945811615804581
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37b251a1907f60bfe325f2d0c45fe475d890906366e7708d9e4aa165c1d39d7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 03:00:41 GMT
x-content-type-options
nosniff
age
563698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25910
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:18:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 03:00:41 GMT
arrow.svg
s0.2mdn.net/sadbundle/6720283131112325120/ Frame 7349 		1 KB
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6720283131112325120/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 05:59:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552970
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 12:07:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 05:59:29 GMT
11649868593100729016
s0.2mdn.net/simgad/ Frame 7349 		551 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11649868593100729016
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513198
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564477
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:47:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
17885380010290837781
s0.2mdn.net/simgad/ Frame 7349 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17885380010290837781
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513198
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390726
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:57:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame F457 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame F137 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
3718573766174295528
s0.2mdn.net/simgad/ Frame 3F44 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3718573766174295528
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74c347db1f3d766f72beaee4d19f6425fcedb5c8032ac07e6bd22744e28a4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 07:35:24 GMT
x-content-type-options
nosniff
age
547215
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11544
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 07:35:24 GMT
1370513842445631688
s0.2mdn.net/simgad/ Frame 3F44 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1370513842445631688
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbfad5284449012054adb538a7c71f08c3f76b61acf0039bb713161ab32deae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 23:23:19 GMT
x-content-type-options
nosniff
age
144740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8539
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 23:23:19 GMT
arrow.svg
s0.2mdn.net/sadbundle/911325707060117504/ Frame 3F44 		1 KB
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/911325707060117504/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 22:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:38:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 22:04:10 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame 3F44 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
4801716459453162608
s0.2mdn.net/simgad/ Frame 3F44 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929739336&oz_l=49&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
PugMaster
image6.pubmatic.com/AdServer/ Frame 5F43 		47 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3803390&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:38 GMT
content-length
47
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD81 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-pGURIGMZOXWLM6QxAPPwb-ABgAAAAA4AeAEAg&bg=!dnWldSHNAAaGYqkwpmI7ADkAdvg8WjtVlpopp5aI8O9Prkg4ffgoM3oLGiKXQmWClTBR9J9Tx_FmYGEjDR_I8aC9z5hpdi3RV04CAAAPKVIAAAAHaAEHmQLxLmx9m4PrKvpZ0y6OMj55Zxg2wcSuwi6H8SN4BEJb7x7CM6WOYbESYBKNwVm42m7phNbpBviEUlAVGpqZKNLikmIinErdHUAVAwV6dSPcFmgaUD7xqFPXWgBpBwya_F7LZBxSwGr4-DuPaUS1w-pEPUgPURr_JM-HJExXzXGILrsHci3hpULzVtZgn4M0WEgB_wEs8ahElnJe0vWjaxhmBt7bpaZlJ1Huh_NX0hMy-mAZhnjSc3WuCqp7kXSeHp8F8nN1BHOTcpz0LGpM-CEveYXaRQ8drG19m2NBs9uEdLfnHql5hT-tAEZN3fL4MVKU76J3kxpH2w_kIPyDG8uifbg72K2OhoP-sXfNKKqSXoT7YCiIfcvGynhATUQycedi-ZdFrESiyBNoggNKYkni-ly2RT-Z4Q_zcY6ZF2hgEJhvDb7J9QjFtXIWrjzGItwykSelK8wTGkWs6-PA7M_7l2Hfbu1iy4Iewdowb4XmyQvH_c_AvEwcA-nrYbpS81N4dHt8ltQk5rjA2euypIprsHmYT4fbe-uHEw_1T_1C18wOqjKQ5IVsE8lrZwwooai1uPqPKbD9hfIZildZKAOKFwCgKUT1tt31kwT4s67GIFJn6Y3VTr7UCM5KhavGOybhqevG6GNkRupflV5x2R6UYCorPGjh88h8_mSwcyANcN0SMLTn-n_0LNwwmUOSrgm9bTSM0ocDz1S_Dbcn8YOAsuXPF1LTH_aBuumgwPEH6uL1FG0q4wp-cwaFaSITnsFYP6sm1xfFyZjfg9TPTJI3RdYEQn21iEppm-h9hIXVSzl1LVoXX6Xb44h5PPdleaN1kwUCkjCg4A791qbL91jVustIZiJNYjbwa0pWrJusTv5Rtq163g8WjyVWPg_cQOrVAQ14u2Lmu8z-9h2J-0b9ykPf-WZf4pYekTmz3qBIwh3iZYvLnwApFDWQi3GEgUYaJBFFNADk4cSwn6mOnyYDj7alXfowem3n7NF9GZ4cCOga
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 431A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
4801716459453162608
s0.2mdn.net/simgad/ Frame 431A 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame 431A 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=fYcvKpr979&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FEC5 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49954208&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:40 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 21BF 		47 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3963622&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:40 GMT
content-length
47
content-type
text/html; charset=UTF-8
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 6FF2 		95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=7257672098865546847
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4759506540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
date
Fri, 16 Jun 2023 15:35:20 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0627 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9_djRIGMZK-eNM7izwXBvqn4BAAAAAA4AeAEAg&bg=!FBelF0PNAAaGYqkwpmI7ADkAdvg8WuqZ2mpunzw8QtkCnahzKXHDHX0wYiE-dxOJjWQ_3mQZAOLtsym2BwY8jUBP-dQxJ5XggwcCAAARRFIAAAAFaAEHmQMIgOmGOCVxB9rDL8dxOF0rMP-pTJuAaU2-qE8FKKyfXFH7sG9osRuLtNPivrWso2SLAXSGdUvVqVR_gdOkenKvqGuczMxIfkI8c7NqPsgUKORKNDs-LvNN95YLlNqYWbJuesOW_clNghl9YAtmKtEItExWnL2lgEIPUOurEPls95BX2kaOaUk-vssKMF0VTnBxCWEuHGEJIx4SzuxnHMY2cr5njob1BlThvT1aVghfvIaH3qTijuhDOOOsm5yklRIY64h0c5kcY_GNoJ1vpUQ14kWSCx5ObnNd2U5Lvc4CVPfzmEEioq3_MYjqVQ2jv48lcbMZk3CW6zerJAzhnUikeAu4kg8n5GA-Yb1M8_Q9kSac-Id8wVQ4OodjeuOx2k4oN4xxjWyimAuXT9O9V9rZU3iyb9NLBTy6jj_gVlKKpYgzwTxua_M_dcISpbDMaSDTxEZJwVy0inHzyZDwDTjOVwXWWODswELNShV9Qizx5SoSEy-hivWGLKM-Orn0IJPvecEA-hNdyATEp5Km-SnxLMzNeaA5L3eK_ivTHANBYrTdkJac6MS2YzUSEkgsZ5GzkiTEMZleguqYCoB1lYB33fbsfd0Oj_TFyBtYOkHKh3iifJWR0H8OGc6gimZzZ_sz2KJWohvKG9wXCwdKeFVv59tq5OfEF0qw1CXhW0M4_gW2Is6Bz3gTZLVJlOMdrKx6ooUi93nVYjd8Xo27T0vGEqdzL0BWxwc6UK3O-PGQkhYOc20ktwUVBuO_dzV-2HabP9P-5jpxcnyO_dluBBYrIpS4ehy2ggDpGThDVlVdaWT39WbXvVgTMfGUXf4uwZZfje5qEq3wDTJG3XbgnjofNOONI1l47c0_PXMFmxlSVRQoATgfzAIn2ik3kmZO88EM-sRdGYP3V1NraUiktZlricbSNB4hIb95S4LpgmQiNefgsLovzk_LBzl-XLuZR8031sMP6FY4eXQ-ivADrB012DlagaDD_wTbiroWIU8S2-ugie40OZG59kOlfm7DX3SLgeuuDYwQHcw
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7349 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
17885380010290837781
s0.2mdn.net/simgad/ Frame 7349 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17885380010290837781
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513199
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390726
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:57:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
11649868593100729016
s0.2mdn.net/simgad/ Frame 7349 		551 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11649868593100729016
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6720283131112325120/index.html?e=69&leftOffset=0&topOffset=0&c=h63HKEW4rC&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 17:02:21 GMT
x-content-type-options
nosniff
age
513199
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
564477
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 11:47:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 17:02:21 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B298 		47 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97584719&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Jun 2023 15:35:39 GMT
content-length
47
content-type
text/html; charset=UTF-8
75145
i.liadm.com/s/ Frame 369D 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.227.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-227-11.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:40 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 369D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.57.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-57-151.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.46.42
content-length
49
expires
0
/
io.narrative.io/ Frame 369D
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://io.narrative.io/?io.narrative.guid.v2=730552b0-0c5b-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=730552b0-0c5b-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
18.214.175.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-175-210.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:41 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=730552b0-0c5b-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Date
Fri, 16 Jun 2023 15:35:40 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 369D
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
52.44.244.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-244-58.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Jun 2023 15:35:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
truncated
/ Frame 3F44 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
4801716459453162608
s0.2mdn.net/simgad/ Frame 3F44 		428 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4801716459453162608
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 06:34:35 GMT
x-content-type-options
nosniff
age
205265
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438430
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jun 2024 06:34:35 GMT
6310622261948400669
s0.2mdn.net/simgad/ Frame 3F44 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6310622261948400669
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/911325707060117504/index.html?e=69&leftOffset=0&topOffset=0&c=q1WAgWnVWV&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 10:36:14 GMT
x-content-type-options
nosniff
age
536366
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284005
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 08:47:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 10:36:14 GMT
merge
ce.lijit.com/ Frame 9A8B 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
match
c1.adform.net/serving/cookie/ Frame BB14 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
g.pixel
aa.agkn.com/adscores/ Frame 1B34 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-114.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:40 GMT
via
1.1 10a23502057a5449ee9e08eab6e9c0d4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
Qhcre94f56VCRfskMRjDT3kfCICaci-8IPfuneCG5LvX9ZCsyogfGQ==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 1B34
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:40 GMT
Frontend-ID
2
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:40 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
5386
tags.bluekai.com/site/ Frame 1B34
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4ec1a240fec5b88db6be9a8402e11d6e&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-N8uQ6rVE2pRwyaUOYeRPZKqFvibjb7FGCw--~A&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=ef5199e1bacefaba
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.3.115.129 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-129.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 16 Jun 2023 15:35:42 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=0fd146a2-2ce7-4bf7-884c-487b3aa91b71&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
221
362358.gif
idsync.rlcdn.com/ Frame AC5E
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHCb7TFGpav6EcqvARDhWxU&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHCb7TFGpav6EcqvARDhWxU&google_cver=1
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEHCb7TFGpav6EcqvARDhWxU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDD8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlDQjRIGMZNeHLNOSzwXY9J2QBQAAAAA4AeAEAg&bg=!WFulWw_NAAaGYqkwpmI7ADkAdvg8WkN1u14nRKzJoxYrt8axf50-xexCNMQ05p1Nhj1z_kFdZdC-m1rSxj49j3Wt0mKwIjpGqnoCAAAToVIAAAAEaAEHCgBuPnw26Y2AG7TPOi7uhw2CC0qf9IfvFUwMUIAENFgTcLaU6AkLzWxuhwIipOD--vRMnu8dBKsIvyEiImrr3WhlNMeYPFBi5OGkYQaX2RghvR7qaUt-YvpHhPY1b92_Taz6LtGdXUn4AbOcZd58gWSZAxMv9daw7EC2Xi9Tei9Ke_Bb10Manq70rAZge6XlbBoOXkXKxK-nSmVS0uXo58m8V7kbMf_WnbkWtxjRsqm3nOaexsF8mo0w34f3axoUIy23lvV1LPri9XIAB5bEYGKjXQX24clff_FUzxFBnYNEEQYgc6goKrF-wZBcIpsWy5N37tDZfCXacP8YTLfG_6rQcJdbieIxKpMzFHoNDlDVWkbDkygImWsrnKSx5mnAbazHS7LpBLYl8E20iO0YKQrV1RIaqrWn2j0CoQ79aWAyHvEWaka0v8g0UuRp89EO2jtcdE9k6HdU0J90Fxh1qfqO2p7ZhF9gXtLitswgwhrEracx6q1NQB4bgi8plAi9GEDBeEBc3_HG6i3v-5z8WCQhr6IrhBjQQZdbqGC_WOWbKHhmoatrzNDi8SZoGx64Y6MaGCK6gVGwcuNMUYMEI9lIxK7Tzw4Sbc9QyIIEb2AeHyMs2Gug_6ysieQftllC8hs4JsbFlaGApniRy35yuEH-dWb2EiCoq3nXGZKN1VBGDKRJhQUiOnM0-DXsLIZpJN-y-G8PH5IKKmSkAuScCyhpFBq4meiQZc0LaLoYa86WfUgxMPUFSJ7JdxSU44HL4WWHbQDWd-7cro5LMfGxgPzvmb8OtmB3khI1QS_78xxWSs8VyifakyDtPz7Lyn0BBm3F0rRyMbYX4kikdccXGjIcciAK8B2G-dNgkDJX_lMpyxbYuMW06xYZtQIq8oKykKL5EN2zGLeHrqsLpO43J-_EhbSoFMtDbJDVbtLwTLvz8NZh22it9qTSMHXR5tsE_pGGYKAsZplUrOBV2MXvrwXdd5iBWMArOMwG0R3M_kjoM6KdxMuDRBM6BC8a_RGtkuZhgvB8Vx_WDIDvDH9tnxMwFSdymyG9FiSKTN65ixuGQwJDg3CKLoNYyPRkfoz_tztFwoefFyNIrZXUkR4-4pCp4BQINLiCSMy0ZifhjEwXp3s7mPND2lK74Z0RPWCSgUwk0OHErB1Ic5MYQlccKPrQB5dFBFDhiVmNDPDytqhuWZsyHb3G
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 6719 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame 55DE 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame 7EDA 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
SPug
simage4.pubmatic.com/AdServer/ Frame 52A6 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
merge
ce.lijit.com/ Frame 130D 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame B170 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame AE93 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929741021&oz_l=11&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:40 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
merge
ce.lijit.com/ Frame D13E 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 644E 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Baga9RYGMZJjjH4qjoPwP0NO18AIAAAAAOAHgBAI&bg=!09Cl0ITNAAaGYqkwpmI7ADkAdvg8WpwuxLGVURBHpd3RQNsZ7P9xM-0L4RgpWqflD14zBuOkHqlzMCghfW1YzvesbOAAsdXdR44CAAAQS1IAAAAEaAEHmQNe173UfN0Uq0Qr2Z3a7ye60Hct212e_4HDN25D769TIQoQ7quUExLgCSnbbD6FyP5NwYEJxa20k03kEd1w9sJB6VH4VQkQdmYS9f3OsGZ054R8Y7NBYJvLCyw6mMGsIP3LwBfWFe-JX7itomNJ3hLdx-mlTRW6f1D7Gyj_ln1CTj1T50Od8cWEFec24mdGHskX0Wk022hdkMvGB0ZsBeLUq4zHP6b0dod2FnrIfOP0OoG3NwykiqV6_IaEgdHqbPW2Md4-UdQmigvWUw6TYPQR83MvxYarBIH0yqFokYo0M5Wx7mSTGEUgQkL9CVkrarTBrwQPhg4GkDPQWCA8tfgkVsSs61-U2CeSRzSoQcmWH1QgB9iXEe0SxyLnohGpjAB_ycADekKbQCdG2ng_d_smi8fMrMW0Dvo9mp-9t69pX4FS4E2k6m4v5ujrLR7Cs8kcxyi1Abf6Tai-1ZkJmTBWx0uQFyh2qM9XodO2Nn-G5W3jBBVdSKp7jWnacnCPXr5qF46uKRZqN8IzE0DchXf9NW-HshfhrTRG0blVYCQR02F1sJM9RhdDD4KiAXlolDQKitgZapAzgPdLwpuSDKsP2QxVoBCF2PqHg4v_I61LI_YmSG_8amdyqn-c6Jehf1HIkypfHWmafdfEU9Te7hD9Qn-TlJ2VwZgcwVm9weBJATKrYPTpdT6q3MCDRIj7cUGr3Kiohvg1ix8PrD4GGzMSdafpBmT_noIcIXYf0pIk6v94nAVIox3gkdfBgXkTITecedl4AIIhgnwJFKAOW10g84wkpg7_cIEAH-DJNkSTlEKoisujoLwKJ-cvTHcNuuBOG3qAP_8iVAYCIonk0-xgbNuoBiHIHW3lgdvzm4rKm8i0iu5sj5OXtlrOG67Q1fegcn6K-zx71NHPH8MthE_sbph1oeEPZ7ygt1JcBkbN6NBa4SxodSFE1tO86e_Yo3Vf_g2zmRtBMpeo-S9vLE_IM2dHzcCJP2PSeJxMgbkrNfRDxK2gVSC8P1oK-jJpe5BmWu61TrEtOIzz_YnpGHR9Vuo9F0HRi2oUj6j0lOERL1ZK1zztchjZT5kZWBKf4C1IQH83AtzOWadvIFY5vS0Sz-Ydk_dFdM71nB_5zJK5OpDMKVM5pAGry5BoIb3Mww
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame EE2B 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame 3EEB 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame AD7E 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame E13E 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
merge
ce.lijit.com/ Frame 36AC 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:35:41 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
gen_204
pagead2.googlesyndication.com/pagead/ Frame A916 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFvwFRYGMZJqoIJWezgXs2aSYBAAAAAA4AeAEAg&bg=!8_Cl8KTNAAaGYqkwpmI7ADkAdvg8WiHMk12fW5oSwV0Js30iin23Tzxj25j-IzCalxgt-FUB0Ox1P1_3DBjFCkX2TmfdchJW8S0CAAAQolIAAAAHaAEHmQMeHWd_e47MYELWUx6lIbhXrWdRX7Im4yrhV-Xnkv82AJKjYcvEmoyby3mn8y2uId68v7ylo8bYCrXbno9QLALaqmJZUIBawhuWc67XTHZ2KvusPd9uRe1hIBVc1jTo8x-OyVEdQ2EXjIzzB2Ds9OjRqsBzTqH91d73oYvIPAbEVwETuEfJWJIpAR6Rd5sHutEBRCmh5fpBCUwt9h1qesHCc-9jz2RdoYz6harGZP6Y2aVtIoy5ScUUsjhKHd2HTf4r5rauj6bf3kl5dfCXGyZ3lP3wEpncuY6btG9VhitWdQnp4juePbF3TPRUvws_TdB6IFNwXdyy4woMNFf1_ll6iKt1KhzUAycgPo9fvMqDrjm9-xb0_yULbNNFx93zSMmIgTMlV4OV5ENt2PpMkMkoI6NKuapOB3jEexarIE3xroJWLc99Rz91TpdTWODVq0ZbPsFELhSJJmgWECu0AoIITg_zXLtFoCNYO4n2J-KPbaXokjbCCo6fD0E1HX_AkBhjpXvBqHIvUx5c5cJJa3cPPhinRFZtEHOjk2SxpBZPyO5-sXB8f8m6vIDMx2j6yW4g-_bUu22GFgp-aXj6qxtM1Fog8oI4P6Dd0dDU8S0QEg92rGSex5cfhWiJij32gWKUJL3jM9e-PKTC7bvo4ZNHISAc6BFCgovQomGIJnSHeuv1mwLl4yuYP72-WqVbUs3nMh-rH-CsWKknff6-smBBjVV72r2txZs79erzSJeeqbZ3zDHEfMUhZXfKqLPu-NsrLD5vUUJgdX_7P9qhZnjpaZC64kd48KoMSDr7VTkqtgTUSzMn477sVUqutYLFhxLHQqw9M03txKwpesV_U14SydMQtP3QUvzmmShSmOclwOFIJtNy4uzV3DYwoOAOUJdz0n8ZN0sMgqCJLznEMl_LKznE68nS8Mrb5HjGMDpy2itfFRLjM4VwQ9W7TXIqT_uJieofJXCRHCAGx0Y1rG8HHe2rRfRjH3Z8QQ3RjuEwfQtcPaDSXO9BmHRpJoHRQ1n9boEEvJzyKjFGyKfPIQ92d85u6yWzgz2cbCdFXYj8
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame BEF7 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:41 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 2E16 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:41 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 1715 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:41 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929741874&oz_l=43&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:40 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame B60A 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F7D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BslxCRoGMZOl2iqKg_A-OvZzgAwAAAAA4AeAEAg&bg=!hIelh9PNAAaGYqkwpmI7ADkAdvg8WrBcI3-NUSuQvqfKN8nmmN9VhNDHL7cZRgtGtpN7f_RcMWcC2sEzYhPTqPimg5qHq6s19IACAAAPXFIAAAAGaAEHCgANFBS-O6sFsUcoLskt9JkC7vn1tsinTmdXBZ1sLYUI6rsBkYZao0j3SUChp_C-vnR0XZc8zLGThzPgtyeddWuQZRA7K_mGB5CKvFOXBS5M9VuRCGIsYB3XAl-fENY0L-BOPQWW-U-qohcumw010Uj16zkWTk8-xO4dO95WAF-DYi1Mo99g9Hxkb7LW7dP1JDPXRsWhTEazwNa356r17IUJSXxyZJSvLT8pVodSv8BBdLIJt2y3-xFZWXcLCCCVGgNbNb9RqoPwze5rw1cLlObqgv6S_RoFMVojNEzBAgglnuGGgrDcwhIFMx-bIhXGgFZkHnfW-_Ym4A_NveC_RyhwFaoZv3tS0eA6EZlD9ukYL1n0qkAmqm3HuQf8WAo9oLPEDbWHaxQqgKTqmPPrLw0Mzwx9xNErer57ClzP4-rY3obj2HZfQdUUnvbairLbpV5r_rBZ_cCOcmWtaCN8FLk3eOpljWhbHwX1fc7_M0XmYFO_l2N1Dwn-J9AQ9fXfEXwPqb2Sd7mIObMhJ3_bNplDYCYzNiVtPuIlsFfCQU4buqRNrM1soOGxSToCjIGGLTIWdirvevHIl-XxYzYeyWX5uMA6vCGL3U-LkLmSFXRycnhFJdCuk8oRmcBzDtDrqViEEsPvMJG2r5cEv4l05pW3BRCv9wv07AzBRvBRmnOe2BigKxllTfnn--yNhgfb-5ZVfm00pNDwcwh4xp6bb4r-2v4M-TR61LpA5OXUOXiEntcisIlW2D4v1LXus4cizYAUKD-01nXiZyiNRbhTDZzyUEChsSwExj5oO1ZpapW5NK0G9y_jUWqXagrgJWQXbphYgGHV4qN7_oy8fDHmOrP9-RN3zkrDCKLkSP1JHoi-r9Wuv86qOOCVU4oBkpiWezMVbJmMSNkeN0MU7FTeT8HBPNAypmpcnQrtw35Trc196THbxvWbJe54122atSGv1r1JN9pU0Y3g3mj0oqteShTyfOnYrmVtm-lHXZR0afCT9de8nN4eZ3vBPaU_nv3kPg
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 8904 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:41 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 09E9 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B51D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdxM2RYGMZKCkO87izwXBvqn4BAAAAAA4AeAEAg&bg=!X1ylXAjNAAaGYqkwpmI7ADkAdvg8WofvH6U_Bg7ep5BXLRGQF9nxJ74-hytbquYlEcf9Ftwrq0YOHLvXN4ide1DyUbLOyKyMZ8oCAAAQYlIAAAAHaAEHmQMbTo6cAGs7EZSNLfrFIkrRahWR0QyCxYxo2JgiTp0VRTbPfV6yD-WVw--m58awEPMTtzJY-8I5Tsklau8wac97kRhPaXShjWdDJaJtgorCcdZKrQn_CgHH3cZspsTMlyU9tiJZaeYIKhzO7FH3YWlDJ4BNKXdEZBYYyhrU3gnk-jEg02zzkmTtuVfGot-EZEmbHV7DpTBi7gz1rQDqsvmRWUfFvOgCgmVpFfaITkT_csIl0n1yD92wO27IH2FEndBZQ6XVj7rXl6M14cB7HpVcPJw9RmkhwqHBA8fdqlLeDlKSYTITP40_2Wk_tSNKLdaqCjVC5dzMY7oe_FYFIc_55y6tSvyHWZhCtKCgYJuN-WPxOaT7i5gXbT17liUlEz4iM88lkPtqZJN6lqfMPDr0yZmNf8IPrB8JaN9NZuaEbwnXwB-qfLK41A6pvTL00dG8NAN86ZMzE0oRDF07rVYtNRNMOMCCW0AnNChhqOG8jsXRU04MS6Mu9EReb9UxwNycDIgXtniMC_binA3uHF0em-9JUTdpTEmLvPV-mZk3qvv1Zueb5R2nn_x68Not6pVIzcMXHCB57YbCkKZevaxXNh9AypPcemO8Km35ZPAuQgASv_lONFMyma-2WMYwcBWVYg4O83AFPBhsixq1SsOHAbykwPK2GFzNL-6UBL3ERb9AT-AjjeVOO7ee-kXR8Gf7UW2MfQfer30jGJ1v5Qkzu1MxqN_3HbDLiUTqXTw8X8pFKNUhzd1V5p0pM-WY0eZDj1_WUgl2YlnHomI2xp3sH6iAc5Vx49IlGvGO9L8Kr9SJ7ql7Ye1Bi3P03R-mQPKkGTwSgJ1B6swg6KosGnYy_QfE02nWXnvpnvNDG81j27-igIPeh0P8Oo04-DQO5Ab8utl1_lqPfuPwYr4Bxt9S6h_mQKcrRkEd8tR272rEr2IpiHvJdQEbtpFbWsKMuQtTNWi-M5eG1XpMm6yowACeQgjYGzK-UNs57fnVdKEDIlppftshb6phJiG9QgEuPjOl-Ca3cizKFeXRrTxSmYRnOExFJXx3emUSVA-m
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 0633 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:41 GMT
server
Kestrel
server-processing-duration-in-ticks
733658
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame BEF7 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
syncframe
gum.criteo.com/ Frame 7372 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:41 GMT
server
Kestrel
server-processing-duration-in-ticks
798550
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 2E16 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame E455 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
syncframe
gum.criteo.com/ Frame 17C1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:41 GMT
server
Kestrel
server-processing-duration-in-ticks
995780
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 1715 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929742066&oz_l=105&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
syncframe
gum.criteo.com/ Frame 25EC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:41 GMT
server
Kestrel
server-processing-duration-in-ticks
997123
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame B60A 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
syncframe
gum.criteo.com/ Frame A442 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:41 GMT
server
Kestrel
server-processing-duration-in-ticks
1032740
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 8904 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Jun 2023 15:35:42 GMT
syncframe
gum.criteo.com/ Frame CD99 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:41 GMT
server
Kestrel
server-processing-duration-in-ticks
1992697
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 0633
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=lkOSvXxVekpMV0Ztdndqb3VXdXVEbjI4RlFDZWRuTldVOEF1NjhUUTVxVzNiYXYxWlVTcXpIRlQwS2Fpa09qVzdSSkg2NHVhaE5RNzhoaTNicGdxT3ozWkdUTzZqZmRoNzAveXNFQU9YNzdBVjRmVFdjaldqM2JRRys2Sn...
433 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lkOSvXxVekpMV0Ztdndqb3VXdXVEbjI4RlFDZWRuTldVOEF1NjhUUTVxVzNiYXYxWlVTcXpIRlQwS2Fpa09qVzdSSkg2NHVhaE5RNzhoaTNicGdxT3ozWkdUTzZqZmRoNzAveXNFQU9YNzdBVjRmVFdjaldqM2JRRys2SnN1RVhJWkVHd05wazNvZ0VHRS9HdU5CRFZDUzJFTWNzeFc0YmtjME56NnBjT1I4blpUMCtNL1ZjMExSRnlBZTR2U0FYR2FsUWVEY3ltQTBVQ1FHc0RxUWprK1BVSEMzeEw3cmxSN3hqb1RDanRsRzFCV2F5NlFjT1JsT20yWnFiQTI4a3pBa3NpM3R0cVlreDRoOVo0UXN3Uk12NnJGcTBxeUxGT0FYdlVaNWdDWnhSV2ovdz18&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5a2f7c9b67c3d54e602461347f6860600515a37f6780c3cb3b453245b2ac22f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1008344
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=lkOSvXxVekpMV0Ztdndqb3VXdXVEbjI4RlFDZWRuTldVOEF1NjhUUTVxVzNiYXYxWlVTcXpIRlQwS2Fpa09qVzdSSkg2NHVhaE5RNzhoaTNicGdxT3ozWkdUTzZqZmRoNzAveXNFQU9YNzdBVjRmVFdjaldqM2JRRys2SnN1RVhJWkVHd05wazNvZ0VHRS9HdU5CRFZDUzJFTWNzeFc0YmtjME56NnBjT1I4blpUMCtNL1ZjMExSRnlBZTR2U0FYR2FsUWVEY3ltQTBVQ1FHc0RxUWprK1BVSEMzeEw3cmxSN3hqb1RDanRsRzFCV2F5NlFjT1JsT20yWnFiQTI4a3pBa3NpM3R0cVlreDRoOVo0UXN3Uk12NnJGcTBxeUxGT0FYdlVaNWdDWnhSV2ovdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
261531
content-length
0
expires
0
sid
mug.criteo.com/ Frame 7372
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=4557VXxkNGdVSG9PQ0hrM1dpZjVHclIzbFc4bkxab1g2RkFWSU1YUjd3cW9hNElkV0Y0ZGlXVGd2TTBiYjZ0UHVRdElmU2cvb2ltUm05Rlp5U0pzWVozMk8wNWtLZ3EvbWp2aGhMUldTenFOT3FZbnYzRklFQnE3QTNLTl...
457 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4557VXxkNGdVSG9PQ0hrM1dpZjVHclIzbFc4bkxab1g2RkFWSU1YUjd3cW9hNElkV0Y0ZGlXVGd2TTBiYjZ0UHVRdElmU2cvb2ltUm05Rlp5U0pzWVozMk8wNWtLZ3EvbWp2aGhMUldTenFOT3FZbnYzRklFQnE3QTNLTlR3VnRqakFDRjBLb0xpdmxtZDZadjNLZWx1RzBObC9rekpHM2FPSVNCMUEvZk9lcWhSNnppNFdreFJZZ1I5aS9GQmdLd2FSSHl0RHpZQmh2Mjk4Y0dUa3pQUzBuaCt3a3pMa3NqUmF5YkREaEYvWUs3Vk03Z0ozYVZNSUhvc1paMDlsanc5a2RLMEc5Tzc1TmdHRVdzV2w2N0NJWXAvTzBDL3VVTG9iaGlMaVRUNytMaTFXWT18&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cd3a49ccc6a9f2c95854c1488febdac69fcd503284cab9380499f3a5ba7a10dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1436442
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=4557VXxkNGdVSG9PQ0hrM1dpZjVHclIzbFc4bkxab1g2RkFWSU1YUjd3cW9hNElkV0Y0ZGlXVGd2TTBiYjZ0UHVRdElmU2cvb2ltUm05Rlp5U0pzWVozMk8wNWtLZ3EvbWp2aGhMUldTenFOT3FZbnYzRklFQnE3QTNLTlR3VnRqakFDRjBLb0xpdmxtZDZadjNLZWx1RzBObC9rekpHM2FPSVNCMUEvZk9lcWhSNnppNFdreFJZZ1I5aS9GQmdLd2FSSHl0RHpZQmh2Mjk4Y0dUa3pQUzBuaCt3a3pMa3NqUmF5YkREaEYvWUs3Vk03Z0ozYVZNSUhvc1paMDlsanc5a2RLMEc5Tzc1TmdHRVdzV2w2N0NJWXAvTzBDL3VVTG9iaGlMaVRUNytMaTFXWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
503490
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame E262 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nucleads.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:42 GMT
server
Kestrel
server-processing-duration-in-ticks
3251388
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 17C1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=2UyjoXwrSkVUcGlDdzJTbGtPaGM4bFV2eERHUm54enlPMFkyQnJhbGIyMjdxOWVuTlBsUjBDQlA0RWlxVlM1eGM2V2ZwNmxuT2FwT2RGb3pncVNGL29RZ0hRWjhvUlNvaEZZMllaZUs0RXlyNkd5Qk54M2M1bDhkYU5NZl...
422 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2UyjoXwrSkVUcGlDdzJTbGtPaGM4bFV2eERHUm54enlPMFkyQnJhbGIyMjdxOWVuTlBsUjBDQlA0RWlxVlM1eGM2V2ZwNmxuT2FwT2RGb3pncVNGL29RZ0hRWjhvUlNvaEZZMllaZUs0RXlyNkd5Qk54M2M1bDhkYU5NZlhSTTZWS0xBQmRqQ2szNWpadERDQzZXTlpNZkgydXZvUHgzSCs1UUxsa3ZxVXpqQUc0WFdjVy9kdzlyeU54TFZ2MnQzempNdFdxTTFiRWRNNUJpVkI0UEZhbWw4T0N4NjUwZW9wT2tNeWNYOEN2VVNWOGFmNTF0UTNmNkpiSTE1d2QwNW1WYzl5OFliOEVOVWdVRDVueEhUU3haUmR2T2lQcWlpRkVodVpsMy9BNjFzQy9HUT18&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5d5f802700b7862b8306b915a5d8cba2ff2608bcf5e6a3ad658a7bfb46f667c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
839710
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=2UyjoXwrSkVUcGlDdzJTbGtPaGM4bFV2eERHUm54enlPMFkyQnJhbGIyMjdxOWVuTlBsUjBDQlA0RWlxVlM1eGM2V2ZwNmxuT2FwT2RGb3pncVNGL29RZ0hRWjhvUlNvaEZZMllaZUs0RXlyNkd5Qk54M2M1bDhkYU5NZlhSTTZWS0xBQmRqQ2szNWpadERDQzZXTlpNZkgydXZvUHgzSCs1UUxsa3ZxVXpqQUc0WFdjVy9kdzlyeU54TFZ2MnQzempNdFdxTTFiRWRNNUJpVkI0UEZhbWw4T0N4NjUwZW9wT2tNeWNYOEN2VVNWOGFmNTF0UTNmNkpiSTE1d2QwNW1WYzl5OFliOEVOVWdVRDVueEhUU3haUmR2T2lQcWlpRkVodVpsMy9BNjFzQy9HUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
315794
content-length
0
expires
0
sid
mug.criteo.com/ Frame 25EC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=GO0IPHxlM0hTa2pSZkFFTk1MWElEbEFtTC8yMHR1dFAzM3VYUHlTV0dMRXB4aXNTVHJnMWNhYmwvZnZhMlZpekVMWnc0UTVWUGdkRmZER0xlT3FuYm1YVFlxeFhQM0ZKd3lOOE9sOHhJeUNYK0p2Q0svKzBMM3FNQU5ueW...
417 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GO0IPHxlM0hTa2pSZkFFTk1MWElEbEFtTC8yMHR1dFAzM3VYUHlTV0dMRXB4aXNTVHJnMWNhYmwvZnZhMlZpekVMWnc0UTVWUGdkRmZER0xlT3FuYm1YVFlxeFhQM0ZKd3lOOE9sOHhJeUNYK0p2Q0svKzBMM3FNQU5ueW4vRkE5SjNOTnRnTGZXRk9mWUd0dFQwdHRQaFhHOUZPZlFrOTFxWG5uZ3VFd2tyK1IybXBWeHU0UDI1UjdpOUtqTC9KbWhzQW5mbDJCbkF2Wk43c2V4UGJZaTlGU2R4OUVmaTF0bERvNGp2R3FqSytwQlg3bmlDQXR0SDNHZGVkRzZoajlIWEJnV3d1bG56eUhlRi8xRHB0dVBsdHRuNGFMVENhdTVJZlV1bndvM2szYk5JST18&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
600b9c48d421b361f053fbe520219396f0bef4caf58d63c962ae3fafce99e703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1464060
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=GO0IPHxlM0hTa2pSZkFFTk1MWElEbEFtTC8yMHR1dFAzM3VYUHlTV0dMRXB4aXNTVHJnMWNhYmwvZnZhMlZpekVMWnc0UTVWUGdkRmZER0xlT3FuYm1YVFlxeFhQM0ZKd3lOOE9sOHhJeUNYK0p2Q0svKzBMM3FNQU5ueW4vRkE5SjNOTnRnTGZXRk9mWUd0dFQwdHRQaFhHOUZPZlFrOTFxWG5uZ3VFd2tyK1IybXBWeHU0UDI1UjdpOUtqTC9KbWhzQW5mbDJCbkF2Wk43c2V4UGJZaTlGU2R4OUVmaTF0bERvNGp2R3FqSytwQlg3bmlDQXR0SDNHZGVkRzZoajlIWEJnV3d1bG56eUhlRi8xRHB0dVBsdHRuNGFMVENhdTVJZlV1bndvM2szYk5JST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
530770
content-length
0
expires
0
sid
mug.criteo.com/ Frame A442
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kt2adXxBelY5NDdFWEUwMlBGaGJPOUtENDQxUE1ZZGJUeitQbWo4NGxUMGxLa2V3TGw3RDU4Rlk3bG1CYk9IbDU4bW9zR0dERjh6YUxFcnpOOG1PZ0xtcXNORmtZWkpYRHdDZ0RBMEkvRkNpZXJ6bTZWU3YzeFAyRE9zQ2...
422 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kt2adXxBelY5NDdFWEUwMlBGaGJPOUtENDQxUE1ZZGJUeitQbWo4NGxUMGxLa2V3TGw3RDU4Rlk3bG1CYk9IbDU4bW9zR0dERjh6YUxFcnpOOG1PZ0xtcXNORmtZWkpYRHdDZ0RBMEkvRkNpZXJ6bTZWU3YzeFAyRE9zQ2UrY25mWnZnMGx4RU5RTG5kQXRlOUU4VWY1OUg3djdXaXJvV3p4SURISDg1YzJoVm9NTU5ON2pzbVdqSWMxbkRMQmJPdVRiSXhlM3M3QndXSy9yWVY2NzRVQUd2Z1dtZTBDVTlmSjUwREpFNFR3TG1TeGZqRHdRcXQ1R0o4S3VGMXo5b2NLblNpN3dKV2h0UUswRWhyckx6SkN0c0lWcmlBYlNDdVdybGd3OWtFd0ZHY1dKTT18&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
76ae05bedfcc8ee757f2a49890366f71e95b369be7b80d0a6ce0c702dcfffe27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1427622
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kt2adXxBelY5NDdFWEUwMlBGaGJPOUtENDQxUE1ZZGJUeitQbWo4NGxUMGxLa2V3TGw3RDU4Rlk3bG1CYk9IbDU4bW9zR0dERjh6YUxFcnpOOG1PZ0xtcXNORmtZWkpYRHdDZ0RBMEkvRkNpZXJ6bTZWU3YzeFAyRE9zQ2UrY25mWnZnMGx4RU5RTG5kQXRlOUU4VWY1OUg3djdXaXJvV3p4SURISDg1YzJoVm9NTU5ON2pzbVdqSWMxbkRMQmJPdVRiSXhlM3M3QndXSy9yWVY2NzRVQUd2Z1dtZTBDVTlmSjUwREpFNFR3TG1TeGZqRHdRcXQ1R0o4S3VGMXo5b2NLblNpN3dKV2h0UUswRWhyckx6SkN0c0lWcmlBYlNDdVdybGd3OWtFd0ZHY1dKTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
253656
content-length
0
expires
0
sid
mug.criteo.com/ Frame CD99
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=8KBj9nxWcVl5d0RBc0k3K3k2MTlaWUFONVk0eVc4RFgwZlhaaVU4RWhWd0l6M2JVRWRxSXdjRmpxbHpsbXBlVzAwTFZ4UkJXNkRWMzFWUnhQM2xtWGlBcU11by9NZDZDNEFvbGVjVFJYSHlsK2l2R09sdGJTS3M0Z0swTm...
428 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8KBj9nxWcVl5d0RBc0k3K3k2MTlaWUFONVk0eVc4RFgwZlhaaVU4RWhWd0l6M2JVRWRxSXdjRmpxbHpsbXBlVzAwTFZ4UkJXNkRWMzFWUnhQM2xtWGlBcU11by9NZDZDNEFvbGVjVFJYSHlsK2l2R09sdGJTS3M0Z0swTm9yWEpubW42R2tMYnMxNS9hdEZKRVd4SUlNM0Z5UnQ2SHZ1U0hVeEpDeTBGdllpUEpSaVBrNGIvWXFVcVJ3N1RVSWo0ZlFyRU5XUGJncTNqZGdBb2tiTi9tL2VmY056NHRKZVJuaWpKcmRUY2YyZ0pmRUZzWFM1U1RBUVZacXlvTFFSWjdMRTJTRCtCZzYwS0tnWWc1ZmQ0U0loQ1ZIRnY4RFFhR2UzTVUxWUp4VDVNRWtFYz18&cppv=2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5b10b59c64f240ae474bceab2bc1733a0e884e7a7a011ee3988ef0c08411491d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1741994
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=8KBj9nxWcVl5d0RBc0k3K3k2MTlaWUFONVk0eVc4RFgwZlhaaVU4RWhWd0l6M2JVRWRxSXdjRmpxbHpsbXBlVzAwTFZ4UkJXNkRWMzFWUnhQM2xtWGlBcU11by9NZDZDNEFvbGVjVFJYSHlsK2l2R09sdGJTS3M0Z0swTm9yWEpubW42R2tMYnMxNS9hdEZKRVd4SUlNM0Z5UnQ2SHZ1U0hVeEpDeTBGdllpUEpSaVBrNGIvWXFVcVJ3N1RVSWo0ZlFyRU5XUGJncTNqZGdBb2tiTi9tL2VmY056NHRKZVJuaWpKcmRUY2YyZ0pmRUZzWFM1U1RBUVZacXlvTFFSWjdMRTJTRCtCZzYwS0tnWWc1ZmQ0U0loQ1ZIRnY4RFFhR2UzTVUxWUp4VDVNRWtFYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
228650
content-length
0
expires
0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929742279&oz_l=190&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sid
mug.criteo.com/ Frame E262
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nucleads.com&sn=ChromeSyncframe&so=0&topUrl=www.dicio.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=v3Lb13xNbEhLRWxseXptdDV2cWJBNFc3QXZ4RDFaZy8yOFEwVFdIQ2FmY2tlYkg1andxeloyQ3E2QnlnWGxVbjhWQUpWVDUrN0JjK3l0VG9id3JNdU1TdUo5Q0dGWkNMOEdBb0pONWRyclo4MWZXSWR1NmZZS2ZMRU9vM2...
443 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=v3Lb13xNbEhLRWxseXptdDV2cWJBNFc3QXZ4RDFaZy8yOFEwVFdIQ2FmY2tlYkg1andxeloyQ3E2QnlnWGxVbjhWQUpWVDUrN0JjK3l0VG9id3JNdU1TdUo5Q0dGWkNMOEdBb0pONWRyclo4MWZXSWR1NmZZS2ZMRU9vM29PcG4vVUlRUFlOVkZMckhyd1ZRZ1pQZE1yL2QvWnMrVkF1b3JGN2RYcGliZ0tVVm1XNzZPTVZ0ck9LYm5JNmZ1UFE4dkxMc29MSGJQd0JpRG83ODFPWG1lZDZ6MzhzNU82MDNVNjVZc05QdDRSV1d1bTR4Z3AvU29sWFQ3USt6ZDR0TGJmU0NMK3NBMTk4UTUrRDJIYjV2TFpPeUM1U1FXakhvcUR0TGg0SnZ1Q0pnTm5UWT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
67e89ff43577ee96e03ca787b9283b03ef585a87f1fa1e10b3a8e40b672beb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
948754
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=v3Lb13xNbEhLRWxseXptdDV2cWJBNFc3QXZ4RDFaZy8yOFEwVFdIQ2FmY2tlYkg1andxeloyQ3E2QnlnWGxVbjhWQUpWVDUrN0JjK3l0VG9id3JNdU1TdUo5Q0dGWkNMOEdBb0pONWRyclo4MWZXSWR1NmZZS2ZMRU9vM29PcG4vVUlRUFlOVkZMckhyd1ZRZ1pQZE1yL2QvWnMrVkF1b3JGN2RYcGliZ0tVVm1XNzZPTVZ0ck9LYm5JNmZ1UFE4dkxMc29MSGJQd0JpRG83ODFPWG1lZDZ6MzhzNU82MDNVNjVZc05QdDRSV1d1bTR4Z3AvU29sWFQ3USt6ZDR0TGJmU0NMK3NBMTk4UTUrRDJIYjV2TFpPeUM1U1FXakhvcUR0TGg0SnZ1Q0pnTm5UWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
519340
content-length
0
expires
0
bhof.js
7gra.us/ 		15 B
334 B 		Script
General
Check archive.org
Download Go to
Full URL
https://7gra.us/bhof.js
Requested by
Host: static.dicio.com.br
URL: https://static.dicio.com.br/assets/dist/js/chunk~vendors~social.f461691a08f72a660261.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.248.161 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns542920.ip-158-69-248.net
Software
nginx /
Resource Hash
94e0db1d92e7f7bca01cc07a16abb8c2e9bf762e9742100be5103daa4603539c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Fri, 16 Jun 2023 15:35:42 GMT
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
server
nginx
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f82edc4b779acfb2e95997c79525aa19f5267fb4789d19066a98f6ef20935890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11280
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7ACF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.dicio.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:42 GMT
server
Kestrel
server-processing-duration-in-ticks
1291339
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
b6ca9ae18f4b8a16dd32154bfb16a158.js
api.cazamba.com/ 		289 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cazamba.com/b6ca9ae18f4b8a16dd32154bfb16a158.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8R4QNX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
36c87477804e12bebeaf6f7e079d246274d8a43467c15f564f9159e51f70dc16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
x-amz-version-id
qrwqcc33iHy8a8QZN7ov9oSYH_NT1YGf
last-modified
Fri, 26 Nov 2021 15:14:05 GMT
server
AmazonS3
x-amz-request-id
29FP5JVR8K6PW4QB
etag
"1a84265f96428e257fa5afa9804199aa"
x-hw
1686929742.cds057.dc2.hn,1686929742.cds192.dc2.c
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, no-cache,no-transform,must-revalidate
accept-ranges
bytes
content-length
242
x-amz-id-2
8T7MdExB3eFVhQRB7gYS0O/7utYV0Le8gvA7xNtJdRimt0UROY6nAcNpM8Xo0q1dpWdocsq+IoA=
load-105386.js
amer.hhkld.com/tag/ 		279 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/tag/load-105386.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8R4QNX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
ae36e95c9d0742585d996ec68e76912aecc719ceb967026f26efe33c937da09c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
CVCKAUKP.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/CVCKAUKP.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8R4QNX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
7b959c7410f4dfc39ebc0ba9580e7867600b1c64bc34a7dd1503b2abe78ce10b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
4F088MVKFB3NC4HR
cdn-cachedat
11/07/2022 15:48:30
cdn-pullzone
55316
x-amz-id-2
WJEnuYAq4kjRlcItAKDmgFwHKxNVTJkEFTEJerU/gmgfJD11dwk1qcIMpQVRrbwqFpRn09b7AZA=
last-modified
Thu, 22 Sep 2022 14:20:45 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"6d98ef7ba1468b6deb4983a52bdf4d79"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
b0f55c5766c5770a7573a54a3df1d544
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
du7gd0kvuz
www.clarity.ms/tag/ 		646 B
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/du7gd0kvuz?ref=gtm2
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cadfaddc7ba0c2c9277c03199e654dd8eeaea834d154535d9b891703d25bb699

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date
Fri, 16 Jun 2023 15:35:42 GMT
x-azure-ref
0ToGMZAAAAABfAGoEOTAdSrMlZF+BEA30WVRPMjIxMDkwODE4MDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
646
expires
-1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1720505703&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20VitalsWeb%20Vitals&ea=TTFB&el=v3-1686929729169-6955539723423&ev=149&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=350313747.1686929729&tid=UA-10605777-8&_gid=1136156445.1686929730&gtm=45He36e0n81N8R4QNX&z=2082272786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 08:55:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24026
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:42 GMT
sid
mug.criteo.com/ Frame 7ACF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=dicio.com.br&sn=ChromeSyncframe&so=3&topUrl=www.dicio.com.br&bundle=oxXwFF8wZVNMcVRWM29TSzElMkJreHlpT0pLMyUyRkdMNDlpS2phNmxVZnclMkJyZndHST...
  • https://mug.criteo.com/sid?cpp=CGgoQHwxQ1NWQjloWkx5Y0NMd3MrZFkxdlVOOUIvSE82TVhIV3FET3NuZitqWDVsaDBjMldzWjlkUDh5OGRoTHRvREtGOEI4dWdOMGc4ZkJtWUNJTUNCZzl0bXNoVVd2UXVJV015RThzaGJjdnJGWnk1UVE3eTZZbkxNMX...
431 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CGgoQHwxQ1NWQjloWkx5Y0NMd3MrZFkxdlVOOUIvSE82TVhIV3FET3NuZitqWDVsaDBjMldzWjlkUDh5OGRoTHRvREtGOEI4dWdOMGc4ZkJtWUNJTUNCZzl0bXNoVVd2UXVJV015RThzaGJjdnJGWnk1UVE3eTZZbkxNMXIxRjNSckFPYzVjVjBxd2orQktodmdQUnVqQW5xWnVKYnVQUnpYWVRnOW5NaytrSUExbmhEZXFKU1ZwTUE1TFd4T1VlUGh1Qmg4c0VLSjU3VzlFN3h3Qk1uaDNiRUNFdXNhOUtrWE9WMFFvcXhBSUhOWU5FaXRNOFFsVklQOURrTWUySlkxQmJMVjB6TWxmZjA3OGRLYS9xM2NGcTdtS2VzRjBBa0ZXalovSk5lVEllWjBRST18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bcd28483f92ab660e927bbaf92ddcd9e0174703a10808a93669529b31892196d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
717129
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=CGgoQHwxQ1NWQjloWkx5Y0NMd3MrZFkxdlVOOUIvSE82TVhIV3FET3NuZitqWDVsaDBjMldzWjlkUDh5OGRoTHRvREtGOEI4dWdOMGc4ZkJtWUNJTUNCZzl0bXNoVVd2UXVJV015RThzaGJjdnJGWnk1UVE3eTZZbkxNMXIxRjNSckFPYzVjVjBxd2orQktodmdQUnVqQW5xWnVKYnVQUnpYWVRnOW5NaytrSUExbmhEZXFKU1ZwTUE1TFd4T1VlUGh1Qmg4c0VLSjU3VzlFN3h3Qk1uaDNiRUNFdXNhOUtrWE9WMFFvcXhBSUhOWU5FaXRNOFFsVklQOURrTWUySlkxQmJMVjB6TWxmZjA3OGRLYS9xM2NGcTdtS2VzRjBBa0ZXalovSk5lVEllWjBRST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
430494
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9200 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
172813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 15:35:29 GMT
expires
Thu, 13 Jun 2024 15:35:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BFF6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac043bb8a8081bfe47a2be62207efb71a9142886e0d30a54360356bac84d4508
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xs-g0Em4qugMpxgHVRc6DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Xs-g0Em4qugMpxgHVRc6DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:42 GMT
expires
Fri, 16 Jun 2023 15:35:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
czmb.min.js
api.cazamba.com/common/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.cazamba.com/common/czmb.min.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/b6ca9ae18f4b8a16dd32154bfb16a158.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
gzip
x-amz-version-id
VqCIYLFA9K3Y98t7mA4Tr4UkJwF3jmzR
last-modified
Tue, 23 Feb 2021 19:11:35 GMT
server
AmazonS3
x-amz-request-id
FVXFYCGNVDA00VJH
etag
"fd80cc799e36e281e75205cb74648bb1"
x-hw
1686929742.cds057.dc2.hn,1686929742.cds201.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public, no-cache,no-transform,must-revalidate
accept-ranges
bytes
content-length
33535
x-amz-id-2
VxvuZlQriGva/+QxwCuinmJlZC4Uxzji0wLUTGvPZX2YFufid+T+rAh0OoDpBRXN8s1n8quxEis=
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929742697&oz_l=94&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 03:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2024 03:50:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BFF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080201&jk=1529839571453054&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
7c876da6-fccf-456a-bf80-ae1261058892
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/ Frame EEF5 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/7c876da6-fccf-456a-bf80-ae1261058892
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
817
Content-Type
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 9200 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/du7gd0kvuz?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
br
last-modified
Mon, 12 Jun 2023 16:14:21 GMT
x-azure-ref-originshield
0mXuLZAAAAACDVXXVKDLRQbXlrDaFaP/BTU5aMjIxMDYwNjEyMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DB6B6014B0AA22"
x-azure-ref
0ToGMZAAAAAA3XHXILuWXSb/9aWGbn3LuWVRPMjIxMDkwODE4MDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8eae045c-201e-0023-1f1a-9fb418000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CB8B5CD72AA146ADB51C8E65C034674A&RedC=c.clarity.ms&MXFR=293BA8798CB467CB1FC8BB4B88B469BC
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8B5CD72AA146ADB51C8E65C034674A&MUID=2F0E8CB093976AEC0F079F8292AC6B48
42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8B5CD72AA146ADB51C8E65C034674A&MUID=2F0E8CB093976AEC0F079F8292AC6B48
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:43 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
server
Microsoft-IIS/10.0
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C9D7016D70744431954D48FD3F118524 Ref B: YMQ01EDGE0620 Ref C: 2023-06-16T15:35:43Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB8B5CD72AA146ADB51C8E65C034674A&MUID=2F0E8CB093976AEC0F079F8292AC6B48
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ 		105 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenMax.min.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
323497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31378
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1a5b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBfsl7wMzyslFRkcMYQ5sFSjXihSBzWc0%2FqQ5Y3QHPOq0VcxBB0DuE0PR6mZePNuGMNQbMfnGRhQyyPvK0AUA%2BJ9uIeDE1R5BBq0KnRroqe8CkX4%2BuZUeGAZSXgXrE6fn0mbv0bO2eqHmLLrD9%2FKzC0K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d841fcd19bc4bb9-YUL
expires
Wed, 05 Jun 2024 15:35:42 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 13:44:42 GMT
content-encoding
gzip
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
41615
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
cjywm-AJ38wiRLBBiU8yiuuWAq4RX6v1hoDWQ-nUlpS27nZNWBRxTA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:43 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1720505703&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dicio.com.br%2F&ul=en-us&de=UTF-8&dt=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACAAI~&jid=941324024&gjid=1352714047&cid=350313747.1686929729&tid=UA-42852934-1&_gid=1136156445.1686929730&_r=1&_slc=1&z=800085215
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Jun 2023 15:18:40 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1022
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 16 Jun 2023 17:18:40 GMT
rm
as.cazamba.com/ 		738 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as.cazamba.com/rm?token=b6ca9ae18f4b8a16dd32154bfb16a158&r=93283825732&v=13&p=%2F&vp=false&callback=superagentCallback168692974290933
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.35.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-35-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
52ea2fa073e06d46300b4f51557f3a473e8930608887a0a74bc191bdbc525494

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929742860&oz_l=683&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:41 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
load-105386.js
amer.hhkld.com/tag/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
415437c94a739e0cf9900ca2da7b8e294177a40af818dc9bc3a073c3cd44490e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fib.3lift.com%2Fstatic%2Fbuttons%2Fedaa%2FOBA_TRANS.png&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br%2F&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=10812&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A4018%3A673&aa=1&ad=10625&cn=6230&gn=1&gk=10625&gl=6230&ik=10625&ic=10625&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10007&cd=5898&ah=10007&am=5898&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=3&tc=0&fs=203695&na=1719746751&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:43 GMT
collect
y.clarity.ms/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.dicio.com.br
Date
Fri, 16 Jun 2023 15:35:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929743059&oz_l=74&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
b
sb.scorecardresearch.com/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=16041074&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929743679&ns_c=UTF-8&c3=&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
1yoT0Ntol2f5blz_EyY3Oh4xQ_OwDSNb0osP-P_Ci3cvxbKSsCo48Q==
x-cache
Miss from cloudfront
cs
as.cazamba.com/ Frame 7A70 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.35.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-35-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff104537022f5253ee0932f58f6eb70884fb5adfaf9b172aae1eebd3183cd2ea

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:43 GMT
server
nginx
b
sb.scorecardresearch.com/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=1&c2=16041074&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686929743719&ns_c=UTF-8&c5=12&c7=https%3A%2F%2Fwww.dicio.com.br%2F&c8=Dicio%20-%20Dicion%C3%A1rio%20Online%20de%20Portugu%C3%AAs&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
yUhZZ1UGKU0ieZSjNL60TekV71dilgsYeem2CiJGJV5GlhvKjk81Iw==
x-cache
Miss from cloudfront
p
sb.scorecardresearch.com/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=16041074&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=447b3cb3e2b68057&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=&c4=&c6=&ns_ts=1686929745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-51.jfk50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
rxHrm9g0xO7I96FUvD-8QjfY0Pw8btjhGvHN0xS55jn4XuyCTabscQ==
userSync.js
ads.pubmatic.com/AdServer/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
content-encoding
gzip
last-modified
Tue, 21 Mar 2023 06:09:39 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=130451
accept-ranges
bytes
content-length
2358
expires
Sun, 18 Jun 2023 03:49:54 GMT
/
onetag-sys.com/usync/ Frame F07D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7516a748d25c406
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
cookies.nextmillmedia.com/ Frame 8809 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.144.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-144-48.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
19f965c0f302a640fdb7ff28348a704cdc2ca929f7019d0f877d8dcab98784e3

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
2243
content-type
text/html
date
Fri, 16 Jun 2023 15:35:43 GMT
server
fasthttp
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ Frame 8D83 		301 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=22956637672
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
28ae237ace31f04b27c2f38293b79ba78f487d33958d8c1911a8e791c3f1ea88

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/javascript;charset=UTF-8
date
Fri, 16 Jun 2023 15:35:23 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5
105386
amer.hhkld.com/cnsync/ 		1 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/cnsync/105386?prm=%5B%22pubm%22%2C%22one%22%2C%22indexww3%22%2C%22improve%22%2C%22nmill%22%2C%22sovrn%22%2C%22between%22%2C%22richau%22%2C%22frwhee%22%5D
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
index-06f01a09.js
hhkld.com/static/next/alfa_master/assets/ 		125 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105386.js?page_url=https%3A%2F%2Fwww.dicio.com.br%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
abe118a8190437932358ee406977c8acf9c8dd9859a98352935b332e5150e6df

Request headers

Referer
https://www.dicio.com.br/
Origin
https://www.dicio.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
content-encoding
gzip
last-modified
Tue, 06 Jun 2023 05:26:06 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
usermatchredir
ssum-sec.casalemedia.com/ 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=197828&cb=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
sync
sync.hhkld.com/tools/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2046&r=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D53%26uid%3D{PUB_USER_ID}
  • https://sync.hhkld.com/tools/sync?dsp=53&uid=81322635-d407-41c6-90b3-06c576eb4a0a
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.hhkld.com/tools/sync?dsp=53&uid=81322635-d407-41c6-90b3-06c576eb4a0a
Protocol
H2
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:43 GMT
last-modified
Fri, 16 Jun 2023 15:35:43 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://sync.hhkld.com/tools/sync?dsp=53&uid=81322635-d407-41c6-90b3-06c576eb4a0a
access-control-allow-origin
*
date
Fri, 16 Jun 2023 15:35:43 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
sync.hhkld.com/tools/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D38%26uid%3D%24UID
  • https://sync.hhkld.com/tools/sync?dsp=38&uid=G03niPZH5lRXKpa0QfmyLxxR
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.hhkld.com/tools/sync?dsp=38&uid=G03niPZH5lRXKpa0QfmyLxxR
Protocol
H2
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:43 GMT
last-modified
Fri, 16 Jun 2023 15:35:43 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:43 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.hhkld.com/tools/sync?dsp=38&uid=G03niPZH5lRXKpa0QfmyLxxR
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
sync.hhkld.com/tools/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44738&callback_url=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D39%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.hhkld.com/tools/sync?dsp=39&uid=390b2ebc-ea19-52a7-bbfd-32fcdf71b3ac
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.hhkld.com/tools/sync?dsp=39&uid=390b2ebc-ea19-52a7-bbfd-32fcdf71b3ac
Protocol
H2
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:44 GMT
last-modified
Fri, 16 Jun 2023 15:35:44 GMT
server
nginx
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://sync.hhkld.com/tools/sync?dsp=39&uid=390b2ebc-ea19-52a7-bbfd-32fcdf71b3ac
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
auto-user-sync
ads.stickyadstv.com/ 		43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:43 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1686929743794086-119
profiles.js
d.tailtarget.com/ Frame 7A70 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 19:43:58 GMT
content-encoding
gzip
age
71505
x-guploader-uploadid
ADPycdthRHsbAdpYT_hJ10D1b0fG8MOJbWJX6947VqT4G8jbue1vbwHf3BeWZ0GsQPHjy4ruV7rJDVLWRGv5gGljxRwNaUIv9f5Y
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5285
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"b6cbe044784454c3931f1d4de70a511c"
x-goog-hash
crc32c=LTf/lw==, md5=tsvgRHhEVMOTHx1N5wpRHA==
x-goog-generation
1663611635603334
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
expires
Fri, 16 Jun 2023 19:43:58 GMT
universal.min.js
tag.navdmp.com/ Frame 7A70 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
369
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d841fd38a8c7148-YUL
expires
Fri, 16 Jun 2023 16:04:54 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929743857&oz_l=10030&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:42 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sync
sync.hhkld.com/tools/ Frame 3125 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.hhkld.com/tools/sync?dsp=67&uid=
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:43 GMT
expires
Wed, 11 Nov 1998 11:11:11 GMT
last-modified
Fri, 16 Jun 2023 15:35:43 GMT
pragma
no-cache
server
nginx
setuid
pbs.nextmillmedia.com/ Frame 9E77
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dadnxs%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
  • https://cookies.nextmillmedia.com/setuid?bidder=adnxs&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=7868782405983581932
  • https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7868782405983581932
86 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7868782405983581932
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 16 Jun 2023 15:35:44 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:43 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=adnxs&uid=7868782405983581932
server
fasthttp
/
hde.tynt.com/deb/ Frame 2BF0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d07cca63e0ee2ecd1ee489ba49d37a7b0a452b5efab0736d59e6313287c56ab9

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1657
content-type
text/html
date
Fri, 16 Jun 2023 15:35:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Fri, 16 Jun 2023 15:35:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
setuid
pbs.nextmillmedia.com/ Frame 45CA
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dopenx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUID%7D
  • https://cookies.nextmillmedia.com/setuid?bidder=openx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a
  • https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a
86 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 16 Jun 2023 15:35:44 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:43 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=openx&uid=9a04da2f-9f2d-4b0a-a9df-4212da17d40a
server
fasthttp
generate_204
tpc.googlesyndication.com/ Frame 9200 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WhXUFg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame F508 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
64608a63f740a2bf2061361b98d0bed2f8787c69137cd11bb0f88bd7dd59f508

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1996
Content-Type
text/html
Date
Fri, 16 Jun 2023 15:35:44 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
setuid
cookies.nextmillmedia.com/ Frame 5B08
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dcolossus%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy...
  • https://cookies.nextmillmedia.com/setuid?bidder=colossus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=[UID]
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.nextmillmedia.com/setuid?bidder=colossus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=[UID]
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.144.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-144-48.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
server
fasthttp

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 16 Jun 2023 15:35:44 GMT
Expires
0
Location
https://cookies.nextmillmedia.com/setuid?bidder=colossus&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=[UID]
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usync.html
eus.rubiconproject.com/ Frame 965F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17888&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Jun 2023 15:35:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
server
AkamaiGHost
v15.js
cdn.cazamba.com/adx/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cazamba.com/adx/v15.js
Requested by
Host: api.cazamba.com
URL: https://api.cazamba.com/common/czmb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
700a90f5446eaa22b028669a049aed5fb98dde23c4a4fcf1559baeb8c8135d87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
content-encoding
gzip
x-amz-version-id
Pa.199fOdc.nmuK9gncP._xgAcz9xYP_
x-amz-request-id
VP4NHZPD5DBPSRF0
x-amz-server-side-encryption
AES256
content-length
905
x-amz-id-2
kURh+Zk+6HBMvMnDfYgcGfIViSSkIddAH16nBzuPZWF6VLgH7L41qBjXKN39Fthh9UUt50NtLNc=
x-amz-meta-server-side-encryption
AES256
last-modified
Thu, 18 May 2023 18:34:38 GMT
server
AmazonS3
etag
"a485deec2a438d1b0d9992a78f47b9f8"
x-hw
1686929744.cds057.dc2.hn,1686929744.cds193.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,no-transform,must-revalidate
x-amz-meta-version-id
4WkSQFkawHM6qxgrEvOIN7.aF7KRJJz8
accept-ranges
bytes
0
prebid.a-mo.net/cchain/ Frame 8CBA 		2 KB
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
4d7394c2d4f9cf5fecb4451b0347ab10e1ae014f8ae7954f16cd4a3ef50d8b1a

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
618
content-type
text/html; charset=utf-8
date
Fri, 16 Jun 2023 15:35:43 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
2
setuid
pbs.nextmillmedia.com/ Frame E24C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157577&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dpubmatic%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3...
  • https://cookies.nextmillmedia.com/setuid?bidder=pubmatic&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
86 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 16 Jun 2023 15:35:44 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:44 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
server
fasthttp
profile
d.t.tailtarget.com/ Frame 7A70 		92 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 16:35:44 GMT
crum
dsum-sec.casalemedia.com/ Frame F508
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2TTMIVSUQ...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=NlEeHRMbmPui4ApJw2rW
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=NlEeHRMbmPui4ApJw2rW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=NlEeHRMbmPui4ApJw2rW
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F508
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO.IfgAA%26470&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0b1c547c-78c1-45ca-9998-35342ea02e2e-tuctb8606d0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0b1c547c-78c1-45ca-9998-35342ea02e2e-tuctb8606d0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=0b1c547c-78c1-45ca-9998-35342ea02e2e-tuctb8606d0
date
Fri, 16 Jun 2023 15:35:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22354
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F508
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
date
Fri, 16 Jun 2023 15:35:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F508 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame F508 		42 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:b3a:1dc3:6e97:b731 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame F508 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PCA93XE78CHC5CVFC4GX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
dpm.demdex.net/ Frame F508 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.104.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-104-179.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v048-031c8b213.edge-va6.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vtNMtQJtTf8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatchredir
ssum-sec.casalemedia.com/ Frame F508
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZIyBQpGLLvl3l6QCbO-IfgAAAdYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFOhueaLMTGBZPYsl4x69tk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
pbs.nextmillmedia.com/ Frame F508
Redirect Chain
  • https://cookies.nextmillmedia.com/setuid?bidder=ix&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
  • https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZIyBQpGLLvl3l6QCbO.IfgAA&470
86 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZIyBQpGLLvl3l6QCbO.IfgAA&470
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=194648&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dix%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=ix&uid=ZIyBQpGLLvl3l6QCbO.IfgAA&470
date
Fri, 16 Jun 2023 15:35:44 GMT
server
fasthttp
content-length
0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929744025&oz_l=34&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:43 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
44768
tag.navdmp.com/u/ Frame 7A70 		590 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/44768
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 05 Nov 2021 18:14:27 GMT
server
cloudflare
etag
W/"61857483-24e"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d841fd4dca57148-YUL
expires
Fri, 16 Jun 2023 16:35:44 GMT
setuid
pbs.nextmillmedia.com/ Frame 4A03
Redirect Chain
  • https://csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3...
  • https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a&gdpr_consent=null&gdpr=0
  • https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a
86 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
86
content-type
image/png
date
Fri, 16 Jun 2023 15:35:44 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

content-length
0
date
Fri, 16 Jun 2023 15:35:44 GMT
location
https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=a425a098-1bfe-4b7f-a07b-d43deddfff0a
server
fasthttp
usync.js
eus.rubiconproject.com/ Frame 965F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74386
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
cframe.js
assets.a-mo.net/js/ Frame 8CBA 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=0&us_privacy=&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
via
1.1 36c050103b969d83a8b90ba7cba12542.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
YTO50-P2
age
429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7d841fd59bd04bca-YUL
x-amz-cf-id
hIfVM6Z95SkX8LfqCyS8gD5O1tE-CfnZw5L74iJfFNOfteAfEaFT4g==
expires
Fri, 16 Jun 2023 16:35:44 GMT
banner-js.min.js
cdn.cazamba.com/common/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cazamba.com/common/banner-js.min.js?v=30
Requested by
Host: cdn.cazamba.com
URL: https://cdn.cazamba.com/adx/v15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
8edd9aadbad93c9bd72d1f0cdab597068f93c721b8adb45e51e89ce08c9b4539

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:44 GMT
content-encoding
gzip
x-amz-version-id
vFBtBN8k1CouH5ZSZ4Yn1qPhtMhzfQ_P
x-amz-request-id
67KPT4EDX3GN6GFY
x-amz-server-side-encryption
AES256
content-length
55331
x-amz-id-2
0bOOt7ZBWqQI5VYP93ii6fmzPqO+fan/u70dMZoKrlVEZTxP5C6ifPusULn5oC/O90UlvKaRQHs=
x-amz-meta-server-side-encryption
AES256
last-modified
Tue, 16 May 2023 17:10:21 GMT
server
AmazonS3
etag
"1a1c4b9a822782324130f3643640978e"
x-hw
1686929744.cds057.dc2.hn,1686929744.cds203.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, no-transform, public, no-cache,no-transform,must-revalidate
x-amz-meta-version-id
nGNAg9Pk4MdH4oty10zxj.fhDEizfjMk
accept-ranges
bytes
usr
usr.navdmp.com/ Frame 7A70 		359 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=44768&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc7c7d35e63f807db1cc80597fb2618dc57d0630176f8fe7e3820ca1003e4f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
public
date
Fri, 16 Jun 2023 15:35:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7d841fd60e887148-YUL
expires
Fri, 16 Jun 2023 16:35:44 GMT
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
site
hhkld.com/logs/req/ 		43 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/req/site?sid=105386&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&event=playerLoaded&v=20&cb=1686929745007
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
dsp
hhkld.com/logs/event/ 		43 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105386&tids=29219&v=20&cb=1686929745013
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.578.0_en.html
imasdk.googleapis.com/js/core/ Frame C403 		709 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
179782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231472
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 13:39:23 GMT
expires
Thu, 13 Jun 2024 13:39:23 GMT
last-modified
Wed, 07 Jun 2023 16:35:26 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 15:35:45 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dicio.com.br
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
setuid
pbs.nextmillmedia.com/ Frame 965F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17888&khaos=LIYQEMLE-B-GF3X
  • https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LIYQEMLE-B-GF3X
0
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LIYQEMLE-B-GF3X
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17888&endpoint=us-east
Protocol
H2
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://pbs.nextmillmedia.com/setuid?bidder=rubicon&uid=LIYQEMLE-B-GF3X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
usync.html
eus.rubiconproject.com/ Frame E68E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:45 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Jun 2023 15:35:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
pbs.nextmillmedia.com/ Frame 2BF0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1686929744280.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%...
  • https://cookies.nextmillmedia.com/setuid?bidder=33across&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=212187031499720
  • https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212187031499720
0
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212187031499720
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.202.103.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-103-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://pbs.nextmillmedia.com/setuid?bidder=33across&uid=212187031499720
date
Fri, 16 Jun 2023 15:35:45 GMT
server
fasthttp
content-length
0
match
events-ssc.33across.com/ Frame 2BF0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968625788307119378&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=bb6b4e3f-4d9a-4ab2-b007-b89982032e12
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2BF0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1686929744280.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 16 Jun 2023 15:35:45 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x28 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=2e5f648c-8142-4e00-a92d-af87705ce1c9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:44 GMT
match
events-ssc.33across.com/ Frame 2BF0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-LmZFsfBE2uH3puVr1QHD6lVwV0PTAbsw~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LmZFsfBE2uH3puVr1QHD6lVwV0PTAbsw%7EA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LmZFsfBE2uH3puVr1QHD6lVwV0PTAbsw%7EA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:44 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-LmZFsfBE2uH3puVr1QHD6lVwV0PTAbsw%7EA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2BF0
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=24fdf3d903c62171&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAL4YDdFTF5mwMvHYOBAAAAAAA&expiration=1687016145&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL4YDdFTF5mwMvHYOBAAAAAAA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL4YDdFTF5mwMvHYOBAAAAAAA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL4YDdFTF5mwMvHYOBAAAAAAA&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2BF0
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4184420296987606615158
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4184420296987606615158&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4184420296987606615158&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3D33across%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D33XUSERID33X&id=zzz000000000002zzz&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:44 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4184420296987606615158&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B819 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=963790&predirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59861
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:45 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929745158&oz_l=365&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dc_oe=ChMIr9Dz-47I_wIVTvGzCh1BXwpPEAAYACCmnJRMQhMIhI3F-47I_wIVtQuICR34eAMY;met=1;&timestamp=1686929745328;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 90B6 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr9Dz-47I_wIVTvGzCh1BXwpPEAAYACCmnJRMQhMIhI3F-47I_wIVtQuICR34eAMY;met=1;&timestamp=1686929745328;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5Yjs-47I_wIVTghxCh3P4A9gEAAYACDv5qVMQhMImqy8-47I_wIV8CaKAx1h7Qr_;met=1;&timestamp=1686929745543;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame CF11 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Yjs-47I_wIVTghxCh3P4A9gEAAYACDv5qVMQhMImqy8-47I_wIV8CaKAx1h7Qr_;met=1;&timestamp=1686929745543;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI17nr-47I_wIVU8mzCh1YegdSEAAYACCmnJRMQhMI3Jy2-47I_wIV19yzCh3ZHAfF;met=1;&timestamp=1686929745544;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1B88 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI17nr-47I_wIVU8mzCh1YegdSEAAYACCmnJRMQhMI3Jy2-47I_wIV19yzCh3ZHAfF;met=1;&timestamp=1686929745544;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ Frame 7A70 		6 B
101 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=12dd2e0f13784b286375f0203210%7C0&acc=44768&tit=CZMB&url=https%253A%2F%2Fas.cazamba.com%2Fcs%253Fpublisher_id%253D2071%2526g%253D1686929744&upd=1&new=1&ref=https%253A%2F%2Fwww.dicio.com.br%2F
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d841fdddc247148-YUL
content-length
6
content-type
application/x-javascript
cs
as.cazamba.com/ Frame 7A70 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.cazamba.com/cs
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.35.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-35-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
sync
sync2.navdmp.com/ Frame 7A70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=81020194579
  • https://sync2.navdmp.com/sync?prtid=2&id=81020194579&google_gid=CAESEG1pufovCUzVXSwehdzJvo8&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=81020194579&google_gid=CAESEG1pufovCUzVXSwehdzJvo8&google_cver=1
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d841fdfcfee7148-YUL
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=81020194579&google_gid=CAESEG1pufovCUzVXSwehdzJvo8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/ Frame 7A70
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=2e5f648c-8142-4e00-a92d-af87705ce1c9
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=2e5f648c-8142-4e00-a92d-af87705ce1c9
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
7d841fdf6f717148-YUL
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 16 Jun 2023 15:35:45 GMT
Server
MT3 1031 59fd23a master iad iad-pixel-x18 config_version:"1969"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=2e5f648c-8142-4e00-a92d-af87705ce1c9
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Fri, 16 Jun 2023 15:35:44 GMT
cms
ups.analytics.yahoo.com/ups/58727/ Frame 7A70
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://as.cazamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Fri, 16 Jun 2023 15:35:45 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0105.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type
text/html
cache-control
no-store
content-length
344
usync.js
eus.rubiconproject.com/ Frame E68E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74385
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
dc_oe=ChMIxJLt-47I_wIVjdizCh1-0QyvEAAYACDv5qVMQhMI2q---47I_wIVzusoBR0OSAPD;met=1;&timestamp=1686929745573;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 862C 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxJLt-47I_wIVjdizCh1-0QyvEAAYACDv5qVMQhMI2q---47I_wIVzusoBR0OSAPD;met=1;&timestamp=1686929745573;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
as.cazamba.com/ Frame 7A70 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.cazamba.com/cs
Requested by
Host: as.cazamba.com
URL: https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.35.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-35-231.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://as.cazamba.com/cs?publisher_id=2071&g=1686929744
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://id.a-mx.com/usync?uid=&gdpr_consent=
  • https://prebid.a-mo.net/cchain/0
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F612%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D93fed4af-5152-47ef-a11a-60faf65...
  • https://prebid.a-mo.net/cchain/3/612?gdpr=&gdpr_consent=&us_privacy=&A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=pubmatic&cbx=&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=93fed4af-5152-47ef-a11a-60faf652f29e&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-IKK08Wdf46y7WAwGojCtqSyz0tTeN84BpIf8Ng&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:35:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=93fed4af-5152-47ef-a11a-60faf652f29e&gdpr=0&gdpr_consent=&us_privacy=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadaptmx%26us...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7868782405983581932&pt=505f9bb7-9de0-40b4-bcc3-f0f89cb3da49%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
  • https://x.bidswitch.net/sync?dsp_id=437&ssp=adaptmx&user_id=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 16 Jun 2023 15:35:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 8CBA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=93fed4af-5152-47ef-a11a-60faf652f29e
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-r.o1VYBE2uEg0FNoABcfBNXDIFVHfwm.z4Oeqr0-~A&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-r.o1VYBE2uEg0FNoABcfBNXDIFVHfwm.z4Oeqr0-~A&gdpr=0
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-r.o1VYBE2uEg0FNoABcfBNXDIFVHfwm.z4Oeqr0-~A&gdpr=0
date
Fri, 16 Jun 2023 15:35:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 8CBA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=LIYQEMLE-B-GF3X&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LIYQEMLE-B-GF3X&gdpr=0
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LIYQEMLE-B-GF3X&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dadform%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=adform&uid=7257672098865546847
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=adform&uid=7257672098865546847
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=adform&uid=7257672098865546847
date
Fri, 16 Jun 2023 15:35:46 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%...
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=smartadserver&uid=9195223259748919252
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=smartadserver&uid=9195223259748919252
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=smartadserver&uid=9195223259748919252
date
Fri, 16 Jun 2023 15:35:44 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dpubmatic%26uid%3D9ACA50E9-7AA6-49E2-A...
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=pubmatic&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=index_rtb&uid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=index_rtb&uid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=index_rtb&uid=ZIyBQpGLLvl3l6QCbO.IfgAA%26470
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=sovrn&uid=G03niPZH5lRXKpa0QfmyLxxR
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=sovrn&uid=G03niPZH5lRXKpa0QfmyLxxR
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 16 Jun 2023 15:35:45 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=sovrn&uid=G03niPZH5lRXKpa0QfmyLxxR
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 8CBA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D93fed4af-5152-47ef-a11a-60faf652f29e%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=appnexus&uid=7868782405983581932
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=appnexus&uid=7868782405983581932
Requested by
Host: cookies.nextmillmedia.com
URL: https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 16 Jun 2023 15:35:45 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a854e3c8-2de5-4e7d-8b1a-3a135c4121a5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://prebid.a-mo.net/setuid?A=93fed4af-5152-47ef-a11a-60faf652f29e&bidder=appnexus&uid=7868782405983581932
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080201&jk=1529839571453054&bg=!1Nel14PNAAaGYqkwpmI7ADkAdvg8WhjA4RUdMEWTlXkBknzlKugO0agNSny5dqQyKxKfFtNYH0FpHySRhLbIVewrJWImujjw55ECAAAFZ1IAAAAIaAEHCgB_sjWw_Y3POHFJcnjsVy_vW4ETP4Cfd0laLeVTwYstp5kM9fg64m8yiGGUNdaGTRqSfg6O3ZQ73Gf7HJD6aNjcd7q0OQ056VWreFllHouXFyf2J2xv0HON4lzV_q8r-A1jNl0B5ef4_WtwdxqTFyV85HxoIPqlWKr7fhuy7JfG_JkC3KZSNF3xanRycDyn4JCLe-IFbhwPdAyDblOGomEPsPRY7tcXQrfVEGrGGUhmBUu34f3YFEJTnXamA6lwLh6NVlqIyL88WLbDTWE39A6WFtzFl_uqoDwChC2ESn99AfcaqJ8jiOPrbPCeRO-pRjl-vR68rveuaZneWz4Ikrarhew44rxgUQIX0g0s78ngC2L3zK8qkYnKVCI1724pJ1UfeIYLb18BX0Njg42j41v3h84mwCU_XUn-bMxFOXGl2TLKg1USMr63J01SbuPcIV9YhWR_5OC1fp9npoZnw-uFE3G2RHS9eGdqvwd_k932BTMLSi5VOcOURWTPLgFYykuZJ15pTcBSlyEwJmi5t0Mh1jqdSMW0uhKiCLjTy54AigP9a6A79lpPxHSF_kZpUk351dxj1zeTRNExSrvThqKHTYf0rKlKgq0TNsMuqx3MEInGPTmdXsT81xjBsP_hYhAZy6H7OFJHw2ZxCFGz05XdvGdlfUS-lUDervmBmzuqzXCO957P5dGenDTlRch9vkXyZgVVfWjFjM4_RwHm4yjFM6POPkOmctB2iRvKTSt5kG0WJBixC7wv2RzjiAKm_2OPwlD1R_bfzGhwyULpxMbIIhDVVdXFtJGowT1io9IRWaaIGco-UyURGEf67ASnphvCTJtC5tLqIoIGmn5D-Cddn8KKB1Sj4S0zBIs6d0KO-Na26iUfd2JZXT6CHVRDESvoB5BXziKyU6F02wlBTjyqxPxgf_Easz2XXr-K2LPNW0B-eHjYal1x0mOQefhI5kgiCFa0kK2yOOhu1FLYwVLtvufjzPZGc2fzfIb8rLy7QfSeD8td6LyJESHGVvZzoiFus2yqma-QCxbRG84A9SUk_o90K2IcrA7niftAnYgL2mJkXDZ5HRH32YgROvBloX0-Exkvoz2IIRlDZzWC7BL7ShiLoLf4zr2FqilPWdfF6d6OdfJVjG8Po3LNV6JEvg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
sync
sync.hhkld.com/tools/ Frame 4F70 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.hhkld.com/tools/sync?dsp=24&uid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=963790&predirect=https%3A%2F%2Fsync.hhkld.com%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:45 GMT
expires
Wed, 11 Nov 1998 11:11:11 GMT
last-modified
Fri, 16 Jun 2023 15:35:45 GMT
pragma
no-cache
server
nginx
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=CVCKAUKP&h=https%3A%2F%2Fwww.dicio.com.br%2F&tcfc=1&t=1686929745829
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/CVCKAUKP.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.195.62.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-62-251.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ba6cf42f11a5d00f36cedaf406636e87668fe0e966f1e8e46bddb39ca923efd1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
events-ssc.33across.com/ Frame E68E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LIYQEMLE-B-GF3X
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LIYQEMLE-B-GF3X
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIYQEMLE-B-GF3X&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIYQEMLE-B-GF3X&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:45 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LIYQEMLE-B-GF3X&ts=1686929745&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929745838&oz_l=280&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:44 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ads
pubads.g.doubleclick.net/gampad/ Frame C403 		156 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22737937330%2Fapl%2Fviaaplads8204%2Fvast_300&description_url=https%3A%2F%2Fwww.dicio.com.br%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4204583915643661&&_timestamp=1686929745056&vpa=auto&vpmute=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3184951222&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=B4C35DA6-4612-49E6-960A-2E2C66A9486E&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.dicio.com.br%2F&dt=1686929745911&cookie=ID%3D887a22356f4691fa%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA&gpic=UID%3D00000c4fd70ac71a%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ&scor=4238523763168434&ged=ve4_td18_tt0_pd18_la18000_er0.0.197.350_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iat-realtime-7.0.5-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.5-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=CVCKAUKP&h=https%3A%2F%2Fwww.dicio.com.br%2F&tcfc=1&t=1686929745829
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
0a07fac2b08e4d8fcd73df87c5465876f22038a46a3aec95cff8de90f02d9038

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
8F1GQNT9CE7H1HT8
x-amz-server-side-encryption
AES256
cdn-cachedat
04/12/2023 16:51:29
cdn-pullzone
55316
x-amz-id-2
0xpcquCSgP+4iHLDuLFIXLpVJknubXLkD4vUhQe7nwBIrvi+mYyEtUcDjx2buHsiCjDiGVBG76Q=
last-modified
Wed, 12 Apr 2023 16:48:49 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"2b2ae838052172f6a10c46fc9315f596"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
ef1e8aaaf8e4cf1bcf2a03287aaa88aa
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
iat-1.14.9.js
cdn.insurads.com/ 		113 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.14.9.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=CVCKAUKP&h=https%3A%2F%2Fwww.dicio.com.br%2F&tcfc=1&t=1686929745829
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
4bf23d0db7164af066d9d84e8d37055d16e160b516c997c84b08863ef2b0a2b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
content-encoding
gzip
cdn-edgestorageid
885
x-amz-request-id
GH0M1V8XN2PSSSB9
x-amz-server-side-encryption
AES256
cdn-cachedat
06/15/2023 13:34:44
cdn-pullzone
55316
x-amz-id-2
qSd46Fl+GqyvxgUNDCAEL7AR+ZHuxq4tizMmg5xTloQgM7Te56qmKCXlA1EHmPbiRVADsGy3pCvFxIz/MLpw5Qu0STnrdTu33ybMnvmTcaU=
last-modified
Thu, 15 Jun 2023 13:33:23 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"bde736536290438ee10ba74e494e5fbb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
106faa18a8a4a5608b3ca8e4486b5b06
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		139 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=2553&vId=004FCD87A9708E5B&s=2973&fpc=1&nv=1&h=https%3A%2F%2Fwww.dicio.com.br%2F&tcfc=1&lts=0&ts=1686929746073&iatId=a5a5441feb2a2a9dbf46cc8c3be1db25&iatIdB=8340fc644612eab4010084f9403d6a23&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=UUIMJUAOIA
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/CVCKAUKP.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.195.62.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-62-251.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7d8f2e8e473ec5e0911acc1c656a1365cdbbab0f8b8e9592eec15c5c2ff41432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:46 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame C403 		0
0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929746085&oz_l=375&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
csi
csi.gstatic.com/ Frame C403 		0
0
dsp
hhkld.com/logs/event/ 		43 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105386&tids=14926&v=20&cb=1686929746193
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.578.0_en.html
imasdk.googleapis.com/js/core/ Frame F789 		709 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
179783
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231472
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 13:39:23 GMT
expires
Thu, 13 Jun 2024 13:39:23 GMT
last-modified
Wed, 07 Jun 2023 16:35:26 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dicio.com.br
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929746259&oz_l=23&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ad
services.insurads.com/ Frame 01AC 		823 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=1079727&appId=2553&s=2973&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwww.dicio.com.br%2F&sid=004FCD87A9708E5B&v=1.14.9&rv=1&ts=1686929746548
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.195.62.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-62-251.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5d972ce073d4a74c8568523303596ef8e2b7e84dd9cfeddb43e9d87111257718

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:46 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929746595&oz_l=227&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:45 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ads
pubads.g.doubleclick.net/gampad/ Frame F789 		3 KB
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22500435788%2Fca-video-pub-4090704406626496-tag%2Fviads.dicio.com.br&description_url=https%3A%2F%2Fwww.dicio.com.br%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=2460144613520340&&_timestamp=1686929746222&vpa=auto&vpmute=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3650857061&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=B4C35DA6-4612-49E6-960A-2E2C66A9486E&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.dicio.com.br%2F&dt=1686929746673&cookie=ID%3D887a22356f4691fa%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA&gpic=UID%3D00000c4fd70ac71a%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ&scor=627497208789140&ged=ve4_td19_tt1_pd19_la19000_er0.0.197.350_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acba58905a59040decf64b9732ab6c85f9e70a13c503d698649fe5d19c5d0c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
915
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame D8D1 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:16:24 GMT
content-encoding
gzip
via
1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 18:14:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, EWR52-C2
age
1164
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
rkJoZ9mjSmChG5que5rrd7cDEJxjwIQTpc6sQ5tajGHkWr1x3b4MCQ==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/ Frame D8D1 		382 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d5f6274f07642282c3964360bbf8c865baa9552c2230dcbd0c9a051ea086f35a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:47 GMT
content-encoding
gzip
last-modified
Mon, 15 May 2023 10:38:49 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=75927
accept-ranges
bytes
content-length
114090
expires
Sat, 17 Jun 2023 12:41:14 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F789 		30 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.dicio.com.br&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.dicio.com.br%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dicio.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=B4C35DA6-4612-49E6-960A-2E2C66A9486E&adk=3650857061&correlator=2460144613520340&ctv=0&dt=1686929747045&ged=ve4_td19_tt1_pd19_la19000_er0.0.197.350_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.578.0&osd=2&ptt=20&scor=627497208789140&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&vis=1&u_so=l&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&hl=en&frm=0&sdki=445&sdkv=h.3.578.0&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.&top=https%3A%2F%2Fwww.dicio.com.br%2F&loc=https%3A%2F%2Fwww.dicio.com.br%2F&cookie=ID%3D887a22356f4691fa%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA&gpic=UID%3D00000c4fd70ac71a%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19483633b99a41690664c6702d860a7ad166c6cca900012c3f1fb9047167c5ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7402
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2t6c_I7I_wIVFY-zCh3sLAlDEAAYACCmnJRMQhMIwLT2-47I_wIVg-GzCh20qwEY;met=1;&timestamp=1686929747062;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4CF0 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2t6c_I7I_wIVFY-zCh3sLAlDEAAYACCmnJRMQhMIwLT2-47I_wIVg-GzCh20qwEY;met=1;&timestamp=1686929747062;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame D8D1 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.dicio.com.br&pubid=6f354287-be81-4032-bf64-3a62262fb72f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 12:05:15 GMT
via
1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
12631
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.dicio.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
bBxpe9Y5GTT9xVSOYa1YxTWAA5a_RzkjDiU-dU98_MwaW6ZYFYO5YQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D8D1 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding
gzip
via
1.1 061a00fb73c7b9b18dbae9db08e7a852.cloudfront.net (CloudFront)
date
Fri, 16 Jun 2023 02:37:42 GMT
x-amz-cf-pop
EWR52-C2
age
46686
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 26 May 2023 01:35:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
tMeT8F6S-Qd3TCFNv64y4zHoC1Tr1xx8hVPPEu4lr-wXfFoCe__kNQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D8D1 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f24777bfa3f89b6962d6ce7d6baa96fcbfecc16f67169b94fb6aad78b152694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25369
x-xss-protection
0
server
cafe
etag
577 / 19524 / 31075344 / config-hash: 10714554489475813448
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:47 GMT
csi
csi.gstatic.com/ Frame F789 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~liyqeyx3&c=7262505871620&slotId=3631252935810&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame F789 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Arnv-zKk660MEKoESUPyBHFLM_kyJGq8kozWUqIOywMoN0L0UeCey8pNtUWbA5ZJvig1d_QmdxSjNxtmo4B3gkwy5FCA&cry=1&dbm_d=AKAmf-CO_pmQgB254HYzSog31UO2GANwyBGdj1GBN6lrIE2AckzivWaOYAMNqWJ7o_Sm68Io7ikKKhItNjILJTnMhkEq7UC57MIJMgQbp9-pBawxm-f1qNjW_jRCqKGKa_MDELIsAFS8Lqa0h0z6BSh9-aV2i2yY2xrjH_1aUyQYKVIAgOlG5z6vRItFW_XbtWHqJ7tvibRT2_ytBjz6ZfFYft4FSgnhqQiJyIol8aywCovEPAsMca9lDMww9xJkwtx-uNXB4Jm6MCok5TiNVjjcadgo4qpBZ9ckLKY9fCR3WWMr80kwiyBkXPYyFhHxY6nPGNasYKHqg9z-ojjI_CSNcEzwkcY521d3A-sXZxJqJiBDeNgXcZ80p9o55cZnaMQMbxHxonx9HaBbg16Z884h1VXU8qF_JiVD_N1kiS8J3hKOiXBUvNX-0s--_jbEhGv8JUg9ipPDID_sYFkBUnGeGe9qeg-BJ3e-cYREFr_15OnAXiUxMo1x-5CTnQJuVpBzka5lk2ABqieIxX_m0wb6ZmR06Nj3OMHXeVEIHVoE4YCdvF8TvTFGaWAaia1f5Aukw3vCDwX6e2AgcquJNcb-YBzl80Mf4-YvsrhJqTGkIXX0mpLIDK5KDOGJmIhq0Mh8yv273tyJhJ93k6XuYkHDmzPM7Uny8RhOOQXJtqT2YeCJsaEZtxnF19xE9FXh1AOyPeJDUjl5XFC7ljCMAth0eHZ4oUoBl_qNFHp4e1hOMUhgp9f6d1OHVIcaTPuqPrLTEguaYC-v-zgIo2gFUzLVfhtMyce6P8fF7Wib4aFZRPu_f5nvOgZHqkS6fDJCMtk37bT_8ie3F6JZgku4HcK5RZCB0tUGDwlm0Ut2O4IoMyy4AQFNgyhfYZ9k0EdqEoITwY23qz_yeoPT6-7acb02qnpZFxdzms_D6MDJwB7GxDFkTvxWv1cCSKBpxAK4M5C34zL1E0C6jvD1iFH5Db0pkSTGj8fnZBA-GHSmaeSo_btiuBOqdPVN-oJx6jNodcxLLU5GbUPBGv7rYdGgGX8PtVI0u7J02DF97DXKEgl68GOgDjgcIIutj3oiMDLMBgl-EokvMKSYpa5vLhq9iyW66WSmbx2uu33lPcg-Hm7pIgK7-sxxiO7z3rnPmDsmJV92sfdB8XpGKnWI0rM5XqQ1zqgnVvdexjy9VLE7XAkxQJ3-sJ8Jr-GVR2HYcXbmoECQ9TcrqjLYfafMAsKdUnmX7CSUvIAglbwhpOkvjbyPRbycJ3N2DnF-ogmsH3Vib5Zq8IlMnH1sxDDjzDL2P8FOLrqr5npvm4eCoF-_UOIQM94X2PmHzsB0hshgDOz6LeqejbbqY8tgfx505jxBiPcsoiIl2nm9sVpANkkrrlH5f34QT1DC82WbDPxKvj-UOqcG1OMHB9I85b9-r_k18UN00PuQ_xHiap7mB9hwm1X3d6dpW6QPnH4lUAWDbTyCvwB_3m9Z9D_2W280S2lfNVuNEMuAn0ePXvr3cCGdmLKnIc1oyEn1GhJyrldu0tyl4hya11ZsYYzIGCWzRvAXtghlG_j918DJjD1dld261U4KYIcZ68pcW4aZ_wMgXIacEflJuki4gXTHNjXoIvocpWMQfhDibBXr-Lw4EXBUp7DWE6AKl5mw-RQL498qax9wfSPrffDUUTO-gkPa_LsnOvKgA4Fye6krhWHa7qKb20NCMTOFFn8Or53hGzfZELmRpQgzEewit4njJDsdKoDkaF6hjjqXLv4TxRK5FRoJpCJho_zZdyT-LHg12hcYH1DLayRlK65_1Ap35rXlGtqyGEuXC-xlwyHZHdy3hFBi9GO5R3kvYNJwIBiqMb8YCM-ys7Qdp4Lvn-W9nPAtsfWET1sLmAWhhd5f8UjGhk7jQBE-V57MyB5TornDG-U1qnR2iQn-ylnffiXy8AK4GZvbbuFSF-eYGzeqCieaFNC7OZ-dKe4ihoMOgoiTLu2Pi4iU8siaN7rch6YauYY5MGFVCqPLCAv26cCqOmMxIK-MdPjtB2GXMImxIrNrQWxuUiG8kbsTC1LZSyi_VYBJyKreIdCRPmc3arwR2cHMqVMYfmidjw5Uahd6s1kF8_szQaRL5uALb6sDk7zkaNXD27Fb-bcL6xhfxlA30DH4zkianDsEkfOR1enwlgJjdJ_6nPp1OW_whTF8chIfBZqqyUkSexUrvca6h3VIiu5lixrninHyImOGiTY8bGptSeSMZnWdY_whvQT894rb8inx_tiKSDyLRB5JYPmrbgQF_HfkUg4P3twNYeK98c7YAN4XTLqMBnIg6nQVu-WG1_nYEfZEgNmG8vMVe9RBUaTvXHEZ26AD4W7Wm_KUfQfvCdDQhqwQBfMEIt9C3E_535Y3NyCExVSVGY6uyptCddGuJBAxLScd_Qm7hPMxmPUjBZrQk-lBU1YfJaJV0dFi-CC4wjjy4xgROE6rbM9hnt45Nj779rQm14TNpcZiacSQGG9DCxjC__6IgCQnid7_Bm-9fzv0kcTcFe4hbx-krB16I5LOF-m5GTI-cRkB6y6ErNvuPhAmHiP6sMxED9NFQJMiPJM3NPGmpoN8no6-1_jkrSEc5NPCBE1fLotLBUo-Axt4KeO14ZOcnG2iR1JDei-txeDF-fcawe22u5hEbyRbrCvvxr2IJedq0rmAZW8RM86Zte7I7jC_AyjfHQj6av2DNnym-0i5mxXAqusLgLzMiXBwA3Eh80GOygydAukMBjAD4JV7wmbgoVDRUUCzwejfNnZPbJlgRyBJmkZqwKLNBJy9sQCBxOOP8OlHZ_T9V36EqTtFTZ7y5I3bCGr5aEbASGGcnP-xVyzAHTQqvY2VdDHzt0M1c14S6NtHQuLTNw7nZvbaih6OfKbDYBAIgDL4c3rdTkRsmYnlO2Qg3uevQplRH7hWKtCEhARZ-oFBFyfAfMdL-VM4_oprLi20rZ6myFTzOIsAaLui_jE1CB_AAsksgy3GqbXQkRlr4rZiHtGQi9_-voec2KDtSVwUBtT6IK54oSCF0TpmrBkztLpPLx_z8cdvP-yxWlobNEkaJ5FCrjlMv9xNi95Yut5N9T-IV5v-p7-PNbJ5WGg0h1en1hYuLz7ahEaN-lKAAGe6XBtf3yrmr4Oms26Ux557ZmQECgFDHj-4ki31ETur-MPk_yoPZVX7Exf-zSrDek2Ct0PN4nZajveR2o-jnz3iS9BCG0JCspbrZ5kWjm-gcIfLpoW1aXvxdTQcmt-zez2JIgVVD7IU29XrxHcQGK7Avcm8W4PSRSU6jzELT_Yh97rU_phM2-DYk_03qx7Y9y2uPfkLqhiB5tH2ej5ag8DJ&cid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB&vpa=auto&vpmute=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3650857061&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=B4C35DA6-4612-49E6-960A-2E2C66A9486E&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.dicio.com.br%2F&dt=1686929747498&ged=ve4_td19_tt1_pd19_la19000_er0.0.197.350_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
57bbaf4337735c87999775c5198db37e84d0f3608e8639b2f10c09850159001e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16237
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ Frame D8D1 		404 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 15 Jun 2023 18:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
75538
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127303
x-xss-protection
0
server
cafe
etag
14748094856067035890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Jun 2024 18:36:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame D8D1 		2 KB
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dicio.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ce5e30dad56d17a991fd56a91b53565a55497afee5597db8f7594631a483171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
598
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:47 GMT
dc_oe=ChMI4Nq3_I7I_wIVTvGzCh1BXwpPEAAYACDv5qVMQhMIxZr--47I_wIVBcrjBx1NyAoV;met=1;&timestamp=1686929747634;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8779 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4Nq3_I7I_wIVTvGzCh1BXwpPEAAYACDv5qVMQhMIxZr--47I_wIVBcrjBx1NyAoV;met=1;&timestamp=1686929747634;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6bG6_I7I_wIVChGICR2OHgc8EAAYACCmnJRMQhMIiLD--47I_wIVZeS1Ch3nPwA7;met=1;&timestamp=1686929747655;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 90E5 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6bG6_I7I_wIVChGICR2OHgc8EAAYACCmnJRMQhMIiLD--47I_wIVZeS1Ch3nPwA7;met=1;&timestamp=1686929747655;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame D8D1 		613 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.dicio.com.br%2F&pid=gpENigi9g3lV2&cb=0&ws=0x0&v=23.612.1758&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1686929747021-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F209606714%2Fdicio%2FFBK%22%7D%5D&pubid=6f354287-be81-4032-bf64-3a62262fb72f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*mqoPSv92dJr4PNzel-GtPVgDEWivYqnnHh_3E6O5avpP6YDz0avjVGl5yoTEGhP3T-pv6G-5x-0uMaw03e-qCA%22%2C%22pubcommon%22%3A%22d5d36e4d-9608-45be-a7e1-f150d6ca3dd0%22%2C%22lotame%22%3A%22db92a58913de456b15f849a0456216d5393824a8696974b0d63620e173e0bbfd%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
f88999df1b4015074d4c92def8c66f51065341a47213394ae2d8cdf2e8452aef
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
TZN3Z2T08XVJ5Y3WSKDN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
613
x-amz-cf-id
liV3eKKRKYDBaRU4cQ8qmeQvlyJKdPfHNmzbIiw7qdRp9UPHmvBs6A==
csi
csi.gstatic.com/ Frame F789 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~liyqeznw&c=7262505871620&slotId=3631252935810&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&vmfc=13&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=show_ad&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVIzCNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTVAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame F789 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cp5kaU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwGYBACqBIUCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEup7OGnnaOIKdmvXzGI8LZ6KQWFP6ofuofd4DqtoIwfKAkMVBJ7Plre-QFSHIe-n2NLeP1Ono5QXKK_if3czYBNowASU_bzwuQTgBAOIBf68o-JHkgUGCAMQBRgBkgUNCCIQAhgBSODg3gFQAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHpcfuhAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChD73R4Y7q7S2wHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAbATo5fcE8gTyrPM4QPQEwDYEwqIFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItOTA1Mjk0NzI2MzM4MTUwNxiM9G7oFwU&sigh=AX-jmaWgiVI&cmd=Ch1jYS12aWRlby1wdWItNDA5MDcwNDQwNjYyNjQ5NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB&vt=10&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVIzCNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTVAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame F789 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~liyqezvv&c=7262505871620&slotId=3631252935810&qqid=CJjA2YKPyP8CFYvIswodOqULAw&gqid=U4GMZLWJBI6wzwXj5pbADg&fb=ima_html5-lima&sdkv=h.3.578.0&mrd=4&aab=1&itv=1&gpm_i=13&gpm_c=13&gpm_a=13&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~liyqewsn&c=7262505871620&slotId=3631252935810&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
32
r4---sn-t0a7lnee.c.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-t0a7lnee.c.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/acao,ctier,expire,id,ip,ipbits,ita...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-t0a7lnee.c.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EF671F55E10704C2157258E565AD5501715F2B0.08E3B1EFF3AF44E56E87314F8F8E0D6133B1B6FA/key/cms1/cms_redirect/yes/mh/EG/mip/2607:5300:60:7867::12/mm/42/mn/sn-t0a7lnee/ms/onc/mt/1686928860/mv/m/mvi/4/pl/32?cpn=Bk4n69YSOADNWqPt&file=file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4020:2::9 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
1c39a7494ce50db11c38e6fed5c17a8bd678ff54a212d2b82c7686b5a82655d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Oct 2022 15:03:00 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2219582/2219583
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2219583
Expires
Fri, 16 Jun 2023 15:35:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:47 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-t0a7lnee.c.2mdn.net/videoplayback/id/b32e3cf4a719c22b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3809430255/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2EF671F55E10704C2157258E565AD5501715F2B0.08E3B1EFF3AF44E56E87314F8F8E0D6133B1B6FA/key/cms1/cms_redirect/yes/mh/EG/mip/2607:5300:60:7867::12/mm/42/mn/sn-t0a7lnee/ms/onc/mt/1686928860/mv/m/mvi/4/pl/32?cpn=Bk4n69YSOADNWqPt&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
676
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F789 		31 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.dicio.com.br&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.dicio.com.br%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.dicio.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=B4C35DA6-4612-49E6-960A-2E2C66A9486E&adk=3650857061&correlator=2460144613520340&ctv=0&dt=1686929747864&ged=ve4_td20_tt2_pd20_la20000_er0.0.197.350_vi0.0.1200.1600_vp100_ts1_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.578.0&osd=2&ptt=20&scor=627497208789140&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&vis=1&u_so=l&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&hl=en&frm=0&sdki=445&sdkv=h.3.578.0&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.&top=https%3A%2F%2Fwww.dicio.com.br%2F&loc=https%3A%2F%2Fwww.dicio.com.br%2F&cookie=ID%3D887a22356f4691fa%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA&gpic=UID%3D00000c4fd70ac71a%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ&fbidx=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8661694d009297c1c2577b45675c6370a79a8b33049e95c77fe2fcf6bc02e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7525
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 9038 		273 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2acfeed05c6535de8b8139cfb62463d592e779c0dbef183b21f08f5a4a58f623
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
273
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Jun 2023 15:35:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
310XA08H0B53C1J2D0BH
pixel.gif
px.moatads.com/ Frame EEF5 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=322903725&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MB2z%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-r%2BQdWwIJVy50og%3D%3D&sc=1&os=1-lg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.dicio.com.br%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.dicio.com.br&lp=https%3A%2F%2Fwww.dicio.com.br&t=1686929732836&de=657644552701&cu=1686929732836&m=15188&ar=fde231f50fe-clean&iw=b8ac528&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&lf=413&lg=1&lh=74&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A616%3A616%3A4018%3A673&aa=1&ad=15002&cn=10625&gn=1&gk=15002&gl=10625&ik=15002&ic=15002&ez=1&co=1023&cp=717&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14958&cd=10007&ah=14958&am=10007&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=9502%3A75167%3Aundefined%3A10&bo=4945&bd=dicio.com.br&gw=triplelift879988051105&zMoatOrigSlicer1=4945&zMoatOrigSlicer2=575154&zMoatTactic=undefined&zMoatPixelParams=aid%3A37000276533921298888890%3Bsr%3A1%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jm=3&tc=0&fs=203695&na=219852512&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.189.155 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-189-155.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Jun 2023 15:35:48 GMT
pr
s.amazon-adsystem.com/v3/ Frame E31D 		357 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c4ca05a72e5cd5ac1bf636948261bcb860fb5937a457ec61c1807492f2128e93
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
357
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Jun 2023 15:35:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RSXWM69NY7AABHWEV4MB
ecm3
s.amazon-adsystem.com/ Frame E31D
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=a425a098-1bfe-4b7f-a07b-d43deddfff0a
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=a425a098-1bfe-4b7f-a07b-d43deddfff0a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K01QQ1WDTEJTSXKV14ED
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=a425a098-1bfe-4b7f-a07b-d43deddfff0a
date
Fri, 16 Jun 2023 15:35:48 GMT
server
_
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=video_ad_loaded&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVIzCNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTVAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame F789 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 09:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jun 2024 09:18:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F789 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F789 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxMvvWj9eTEVE9-aEynldEKgZkIfy0_QeBaUbns0_ZGAIgPgjhNUIu9rvoI_oKQOf1LSjQGfJIFY6wInyhrHmYIgosQFN3W2huJBEkYYKhjSsi_sY9T26p9JmLQ9yYprxuDBeEaPnpQKsFd1JJi_M04z7-L_OLBOTPEwV1m5_o9aEf3RqJ-kfB5g3YUfty5gQ03KRwKUKmCs1EZrDfQwhThRsTa05ffwZnfyHt44zZ5dYNDRDNAE-QAGngLVH2wTk_slri9mqfJuU04QAX7nDx5KSr1K_6WugOV-0aISD08VpXfFecsQbdnSr1OD9XrWY2Y0h7fK-KAqyDq1mMBNCaNNeKF759iYdDLjnnFr39crAj-_2AtqOSpstu99ElzjVsArdzX7-XN9Kz215xAliLMA29Y9dIfQjBDwK-zp7dtqyXiOq6o5VyWVgjgRUM0mJXKSGmfTl-WkrVcujkhBZJjZiFUtf4xk3bHMc0H462jrRPChpRIksrZ8SqvdgFq3I3yHZu4wFWfkQb4ff7v_grMH2BdmCQgf92gsEU9vfY3HZO26y2mkGTTX9OH2cfU8XVsi5uXybMv6-yDAmcZvnke5z2F42PQVT2KzWOcp4fjbpwy3JOuMPVAWbhDYmxlKJzp_R9qs9SXKN2fnuNtzWqhCCaAnBQ52g9pXY5yOtHKDsqhAXbAr1bXEiF7uV1qZIY_5DHUSrWnBvfMKT3sTo7eWd8OLFB5IkQCEnj3Kf8Zu8AaDEnb5CBYQdvMAiw_H7upoqkOLoSvnxS_IuOhUlViHJTEXFcmC7cjGp7dG79bU2qPmam8T5MGKYmDV-PdgIBV-eulJMfqZx4aHM_VHb67pJ3QCKuiYEXwWh8XP3sJOB68RXbrmuoF5OXbjw4gCY77sWDcK4OPCEIaxA37mdmwt1HDsQrfetx5fmteHmpyFiC84OliBF9K11FxDQ1PqYT5TDIO_w7XEvBZuNuC8_z4j2Zu-CB9D2umMYqyDRzkboXEmWc9hxHpqhHddpPXOh6lfusRsqVPlXMqUI8t-7BvbIfm6TrpV6XMijI1b8HfbqfxMdIWmZgrdfafd2pjsyFrYl0eCFv7cL0Vuce2yXtY6zYpMhXMMPVJXw3ba9QdHSxbWL6xT3_9SSaVudJOVO40uLiqBGdVV6yZ_zRyIXTfWq-YHKOBZIk_pJpROsMt_YQgDRN5aEvjwwaawSdqc7lUsBcKjlnm2J8GOSox7ff2MDfJnKn803SuC8nFUmPbSA4s8s&sai=AMfl-YTgrAwwOcQK0GtlcA0IHhknzzxZ_4CLFYF_YVpSJqWPoKN1J7RcIdbyNzHfGfPzXXShwarQ-1ba0nc0jM1oNMkEwFUqpcNcu_BczOSgiICAZ7qAyumZWfRZ0Bv3oc-6SYZNi8-t0Y656tLbUf4bETohsC4_mbYhoiK9OKl_cDtn6anqp0YB2k6v8IXHaSZZAlyaSR0bdsgSTb4BkMaOg0CSbO0QBr5cIUdTsbNl66VfRQQJVlHWc694wofsPCxmdV7SJ-A&sig=Cg0ArKJSzKz2oDMfc44dEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.578.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F789 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuxswEQzLW2ARjurtLbASABMAE&v=APEucNU63Me8MgCY-v926tQS7JNXyenP1BzEKvC6u308pOnQrtEiUOYZiKrcDs6mgRFT0cgE2vrWz_WaPPP0W19EZGLnAl0HJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=vast_creativeview&ad_mt=0&acvw=sv%3D954%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D0,0,197,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929748147%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1686929747777&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVI2CNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTUjiAlAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F789 		42 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui68c-a--hw1A_Mo5RugGpjPMGtXyi-c9nMvJ0jRbdvs4tTnmfzJZket1y0x-tZ8V8dioqmtgUPAi4m17tqPUjsVJ7484CLm7AFO_N83z75iT_uV800ygWyLgEXcSL&sai=AMfl-YTXGekGYrwFZXHpiTis8Zvkd_9xdPHqiyJLobIhB5cVe-T-5GKiJhL5hspJiw3GjcIlNC5pTncwvweJUkfJTXx5664h3JJib1PvJ8n4PCrZ9uR8BQmlpAOu84FO&sig=Cg0ArKJSzHDkZpUrClAcEAE&cid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB&id=lidarv&acvw=sv%3D954%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D0,0,197,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929748149%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1686929747777&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSf...
ade.googlesyndication.com/ddm/activity/ Frame F789 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB;eps=CIBhEAEYHTICigI6AoBASL39wTo;met=1;acvw=sv%3D954%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,197,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929748151%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1686929747777;dc_rfl=0,https%253A%252F%252Fwww.dicio.com.br%252F%240;ecn1=1;etm1=0;eid1=11;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=part2viewed&ad_mt=0&acvw=sv%3D954%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D0,0,197,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929748151%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1686929747777&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVI2CNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTUjiAlAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSf...
ade.googlesyndication.com/ddm/activity/ Frame F789 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB;eps=CIBhEAEYHTICigI6AoBASL39wTo;met=1;acvw=sv%3D954%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,197,350%26tos%3D28,0,0,0,0%26mtos%3D28,28,28,28,28%26amtos%3D0,0,0,0,0%26mcvt%3D28%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D28%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D28%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D28%26dfvs%3D28%26dvpt%3D28%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929748156%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,28;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1686929747777;ecn1=1;etm1=0;eid1=16;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=admute&ad_mt=0&acvw=sv%3D954%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D0,0,197,350%26tos%3D28,0,0,0,0%26mtos%3D28,28,28,28,28%26amtos%3D0,0,0,0,0%26mcvt%3D28%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D28%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D28%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D28%26dfvs%3D28%26dvpt%3D28%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929748156%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,28&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1686929747777&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVI2CNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTUjiAlAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
hhkld.com/logs/event/ 		43 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?sid=105386&tid=14926&event=rtb&event2=impression&cb=1686929748181&v=20&vis=99&run=1&pos=1&imp=1
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
hls.light.min.js
cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/ 		249 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/hls.light.min.js
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1afb0b79686cdb9f92bb2da36ae6b9ab8b9134a4ad0aa749f42d0b46acbc134
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2652115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
64250
last-modified
Tue, 29 Nov 2022 11:30:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6385ed67-fafa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ3dZo5lyuFWJ2XLgE9CmP8M%2F%2FkapDdiHm0gitjyfsq1qUrKAef8%2Fer8N5J2nY9VqSCKCANHQuSxvbIHtULYqV5Tw%2Bnq9OCblEqzC5%2BjdtDzAy%2BXVob3oDb4KT%2FhaNuSiRE5xSbfnbaFBkOBCLve%2BTVz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d841fee394533fa-YUL
expires
Wed, 05 Jun 2024 15:35:48 GMT
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		494 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
player
hhkld.com/logs/event/ 		43 B
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/player?sid=105386&tid=14926&event=rtb&event2=start&cb=1686929748211&v=20
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-06f01a09.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
csi
csi.gstatic.com/ Frame F789 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~liyqezxe&c=7262505871620&slotId=3631252935810&qqid=CJjA2YKPyP8CFYvIswodOqULAw&gqid=U4GMZLWJBI6wzwXj5pbADg&fb=ima_html5-lima&sdkv=h.3.578.0&mrd=4&aab=1&itv=1&gpm_i=13&gpm_c=13&gpm_a=13&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&met.4=ff.liyqf06x
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame CC6F 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
12680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 12:04:28 GMT
expires
Sat, 15 Jun 2024 12:04:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vast
bid.g.doubleclick.net/dbm/ Frame F789 		30 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CZYVFPcJ7gDb4YjRJ-D1xZUdJV4a5IqCdkeNrBJC_f0a9uJ-SeqyzN-C6qTlCsFCHLtedny2j9q8AXcB71Z1eq2zYUaw&cry=1&dbm_d=AKAmf-CDudJss_JAxbI0igIOgL0dFVU4OMgTRmJ7gpSLEUmBw31GppppchkNUtDn4_WfaBqUfeR9SEZgFkDqlt9duWBMJkPz7YXsnH2D8efcphQ7QYyN4r_WpBaq2B4bbEonBt4IElmBTxejC8FnfnYewvComAfquP4JIcqpdp3DTL7BQ6gUAWHd6zwXHSEDtW9jvpL55FugP-TEPQcDDz2pRk9UnF9PDYQRLpwmFW98DtF7tMZzMTHz8BJ7OIFtZfw-SUbX69oKT7AI-lz76OAuMBT1VGfJvX28Q2vGp-68GZ-7lkKP5nnraZ64MVFmkvlraq_RtD8nkj6aBAwSi8TwlzX2QgO0GWSiOU5KcJbH66-To5WKPRdrFFjishBrRsepi9haY7-iHf507p5w-yI0vIY-wrkcBMP0ufgVSmbhgQ3eHLdEYaWThV1PzO4i9qchVi8Av14dLYaONGiG-uH8wdtEuompxCT1E0KLvTSKSPks-ksEKVyFXC1OZFSJjoOZXXH7yU7RPP0VU3YCO_yu_7Tjg2kw95Dja7AXS2SYviItS1SIj9yQpvLANr9Es6KF6_MfRTxj4CA2FBI37tkfWIOR2qf8NwOQ1e5zxH1DC__JTUisJ-LbbLpWGL0SmxaGChayUdxlywh7lTN6HsOvwgsKQsdGaS1HmQtk1UY78c0-nkRw-MoKu1rJjtzmjB8nz-hbcgCOb6gnJHFVD6tAJJoybVwUyFKtVXvxDOVDnC9F9aGr-Mlh3J_BC161Eo1DRuEfrYRl_OIWVBB1rG5AMktrmZGG3eSmmJnNfOr0C0TevPEljiHzSHJ_ouqEFSEpieoNVpuEVwMxfVMvEba66SUmWpvEN22spqXlCp1vUU4p40CGkYw1Gv2eYHp8wqgheslfnYJnWsAlH0rdEaeicvCnA8PKvmwRFZjpHySGeqqmaMzEZK82s7035KsPq71a4un95ZerK1c21u9eTWw0tp5sN4tKcXf_quMK5Ohbn6uMV7len9GATveFj7Kja9Ue_7B8PWrxuqOZrVGnk1ZWrBzyt2Nh85X9z4zKLO7ZB6gZA_sT2oEBa2G0vxYuVE4_Wq6ZcNRLc0YK87K-UxppFIkCHMxuhtDp_0CdroMR9_WmugagLSCOvxGjZQfkSklKjBh-2Q8MVFsGCZeIMe1UEww7aGjkVCuQwoklAJ-dHfvdUIeUildWBqhrRb9oiCT6hc5RL0R4jgkf0WdnFZcMvLQ-UAwnDubgaDAB_ylJQzSpyHGGuGY1AYts3uVO8vOLtv5wy4gJ0grXl5UX1mg4Rw-X4tLM7XgHeSyBzGz4b4gyEKuYHfx8wm1gkagNSiH6ZjR8xz4lgpIsTgENvUd9FfKd6PLY2bh5kSxBxDV3CJGowz9_OjLkLsN78jHHFxkdn7UF61EBr75iylFOAnIM8Zn-f2FL6fqYL9-Fy-9PnfydQomeKkwHijJttQ15MWECvRm3vf9qOTzz6XtsDoxKuEQmuGNvpbewxapGeME_ErIFaSSfkfqyhbXhRy3X3W_DMLEjHSO8TkMFZ8yzt5EhwC7dKFdLzWtkJ4SRRvoTpkV_1-4ddyHQAyTb--Y4F1RMeQk3eDhwPwIvpFy3Ks8ozHG4z_YcfHmp-U5Eu6II5NTvzxGHQNjKubsEaVCFIcASCsjQMMCrafvkVh8RP_bolJWw8wvuciBwrWtdhYgvcH_bD_NQdZfrjSPmkjqv_2ifcHKRZMXIr5195Lg-XSnr_dQq7JnxPfXBvY-vVwWg-0fQUnan03jY_HnxqdDn_UBSgCvCLgMfKkBwTihYYB1Ho6q8PY0ir1IZ0Bzeot7RnDFS8E1SOQHCCsb7UiA9WVGnHsKqiM5aiGlmApumaOfCUhSAVYfsEpSyVoyQbqAhThRngdupeGFxbAgfAlyZre2-L0tD5FP5TrLyUBImpgfyMwgWXpSNZeqobu09KL7x4qb-W1TwYOrOVXffqkkDf_M51IAO3p2_i90KHcUpbqAvKAgqj9kp_6iDCj1gqZumoynh1aRSdaSDR6X6Haa7Dqc82jk_RfbCfs7YcksypsDYE3Y8R8Rvx9ICI-1hN40x7UWq3dM8GE_bqBD3NeqFyVXh20b0bmU3m3yYHQ-Szge3IOVhzQLbPaE53cpYylv8cX6oMVVPElfudCxouaZ4xQX746GuzoxxtAyb6gshAeaewI5yAXYc9prOzDq_1fROMVW3JXaoG45a8Y2y5heKvgdyOnGnnuYgQZLs9GRPW-Jcj2nJnawU5Klu18f2CIO9EEzyktnxsU_TTjJnKCNQyEYTRZqNO9Rjk7ASCAFLlqZF-KocIW13uxYmDcr-jYkjyPw3PAaJXZRvM0zyHEzQ6cC9aMuyIqk97oOnZ171BSvgHVryWaOuJGV3BlbK4zsCYTWFdN1eHGFAYVPZzQ9n_-QsmgWoA2ZOIw8av3pPZqZWGtq9EitjmZ1SVxiuod0csBQWMCoKBsS4XsaODqxUChRURjoze7Tm9uuVDXaBUhnGHqIK0R0u6kKgAC4deYtLNPjrxwXV_PCHBQ9dQL3Op5svzV06ZMwptGyULtxhP-DX_-h3xKpAJ-WNBZL8o5ymqW5kCmx42wEFWebGGyFj-0UF7g0xu5E4G6GHSha96cGs9GbU-QBXxKeHTkNexdS2P3S5CNBty5ZUnGklsn4ENWZW_7Luo_n0E1iyT0re3Kxn56IH7Dg9Vz5T1km7C8UMYHDyovqt7gNQ7aEtEATIFEIruKOj8eHh2YNCDogXEKhEcCeeDojQ3CMY8LmbLH1xl4-m_2V6_J9Qf2m-tzx6NwcUcf0TpF2XXOPxFJFk9WGy4nJ_cXqr7HcA4UGQKpHfIHvOEyDxtp_6EzU5diGwvD4lcsFBcvUXCg5kGhkBiv2pz2CIJQdu4wx7CuaD-27uup5OfTCGH3VX7Rbcr8S3rE0KTy843wRejbGMaURIOZ7280oKbXUhFKYCB9g1jzmRDqVDhWg7NPH4t_fkOKJpYiwb72rEBBsAK8ZBkpoFztnkvDQl7FAI_oP4XP7N5LofHEVCE_s9FrlF_zbRSz4Ij0EczsdNjlRMQULjsR9GLVGjw3P4CbFgQPlPzJBgpYhrn2bpgOVzz34_WD4Yi3a39OurF3kLYO-SuvLtLcy4lfzJyIJENCav1NLyWW351Ao2u0gUG2U8ylNZHi15RRJOsdXAqwNgo878IR83sOucB0_xafT_pHYTyqq7Gqi5wm9s8odTEgMXYTZuXqCFLPMXbg1zBPA4ZoajLZIsKtG7IkxdEicKqa4mAAP1kFxOjezKX2_x7PYpy2-he5ENZypDP5Ijhso8Y2fozS5-kADUjRessowHxmmRCiMnP5uIKJ6ocL5EjUt5kfqzlGXob241VUNtedj9ce-lQCfkOOkYNnM6gfYEb7WpET8aIt3a3CoryVwOiC8-9PPZfH4qyKs-wDpBB4Ow3DXF&cid=CAQSPABygQiDfVZjIkVRw30W3CtjRdY2cUxo6lriS2ReoCZj5xdjWxWLGTGkkAR2LcnXll0sh9r12_Jp6H3H1hgB&vpa=auto&vpmute=1&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=3650857061&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=B4C35DA6-4612-49E6-960A-2E2C66A9486E&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.dicio.com.br%2F&dt=1686929748340&ged=ve4_td20_tt2_pd20_la20000_er903.1226.1100.1576_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
71dd4e3a92326ed555d0ed4735e71495d7c8089da9121ec83d89f7a4cf0f0c77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16241
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F789 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~liyqf09k&c=7262505871620&slotId=3631252935810&qqid=CJjA2YKPyP8CFYvIswodOqULAw&gqid=U4GMZLWJBI6wzwXj5pbADg&fb=ima_html5-lima&sdkv=h.3.578.0&mrd=4&aab=1&itv=1&gpm_i=13&gpm_c=13&gpm_a=13&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&vmfc=12
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
105386.m3u8
hhkld.com/vi/105386/ 		204 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/vi/105386/105386.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
ca703fc1bfe554cdd11fd18e95e05333a6f7991ec3c9c0994d11431826d56c8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Mon, 19 Sep 2022 17:41:17 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
204
expires
Thu, 31 Dec 2037 23:55:55 GMT
1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
pagead2.googlesyndication.com/bg/ Frame CC6F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 07:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
203563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14776
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jun 2024 07:03:05 GMT
batch
services.insurads.com/dfp/mapping/ Frame 723D 		1 KB
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2553&requests=[{%22eaup%22:%22/1062898/DICIO_BR_HOME_SIDEBARSTICKY%22,%22eoid%22:2222468848,%22eolid%22:5179162798,%22advid%22:4502590479,%22w%22:300,%22h%22:250,%22eId%22:%22main_dicio_br_home_sidebarsticky_0%22},{%22eaup%22:%22/1062898/dicio.com.br_new_mrec_home%22,%22eoid%22:340220598,%22advid%22:10041388,%22w%22:300,%22h%22:250,%22eId%22:%22main_dicio.com.br_new_mrec_home_0%22}]&h=https%3A%2F%2Fwww.dicio.com.br%2F&ts=1686929748541
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.195.62.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-62-251.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2f644833d4942dd5a8e3720e2eefd152abb64dacda9d4ba0a1116b506430b795

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
1053860.ts
hhkld.com/vi/105386/ 		46 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/vi/105386/1053860.ts
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.8/hls.light.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
69ac651a5adb331eee3f1437af27f0b2380d82db9da55074e3970dcfc15286e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:48 GMT
last-modified
Mon, 19 Sep 2022 17:41:18 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
https://www.dicio.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
47000
expires
Thu, 31 Dec 2037 23:55:55 GMT
8d3e945b-41eb-4942-a2f7-a4e91d31d34e
https://www.dicio.com.br/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.dicio.com.br/8d3e945b-41eb-4942-a2f7-a4e91d31d34e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3e08d50474bccb1997f8f319aaf608fc763e678bbed630209852b0289704cd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
85596
Content-Type
text/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC6F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.578.0&bgai=BagDmU4GMZLbUJfGcoPMPxdKVmAgAAAAAOAHgBAI&bg=!rq2lrfnNAAaGYqkwpmI7ADkAdvg8WhQOpccb7OPZGLUJLC544Vw2Clb15gSR0WTD-wgcqWypRKyZKbZCLYcdxJeO2nGy3qXEkv4CAAABMVIAAAAFaAEHCgA00gCku0lbFJV9_Gg9Ku3asnXObqbCVOOV2KTW5kWJ6xJPH5bvOKC_MCrf3KCAwrHb19PER5kC_5hDOHeV7ofBWEjqtULeeYwgphjb0jZgN32XRIbg5MTowh2meF8Wb9hDJ2ECLdACXWMEvu3oeX5KTMMm57N9ox_Xoq47vTp1kzAkBfiiVpiVa2dfVrTNTStj32CelQcLMJG5MD1_eSozWoCmxxzyJo3vxP2mT_Uszbjy7oTez5LKpG3olVsllM1OMZMwVe86XE3rqYLMHtMQS_98ZRx5ZcrzFoKHo25PpXhqhzyaaGw5KNZxaneHd8kRob5UBS_yYNk9uIM3VGFr2e_hyAim36Xeh1xLTq_hjtW2A_qthLoBpEcIjqTPlzL3DIIIVNW92yBDMbHSOf3zubVTRadwfeWfmFPBXqWlvZ8DbMPAHCethgE6wMKjnVIx6Tm-pSdpy0qoEG0klUZI1HLDr2mSZkVLsjtIHXpl1l_frO2Jpo6f_5Ul9RPHvPP073lTVI2BDfAdOmUbdXALc2NwLqaFleJmkKWv11LCLBHDEimb2xV7b0Vr0h46VAQ7W6VUnDuN9mLfrsEmMV_a2OgKaILc4jqsmP2DYwUKN7MQ5G5U6KIO714PkOPEKHHG7-DgukCIqwTeVUW2LFFpo9eqMqH2ttPBQMudcgiHMGQUHS423SD9mtPVmfBjXZAq92cEHt9uSJ1OQVqy4xI9iM-UMbxvMXVlf-r9G8tqolGnDLDSeKZytyE6jMjLjtONQxJ6MwMXjpLgS9zsqz1A0X1EzbBrG4AahPYoNj7uaTBtVxVeL5AiJLDMW5ryZl_6ZHrEXLMtQJJr83VYC-XokuIytfQWHRVCju8x1ECjpt9DTo1F8dp0_KAbHKmIJKE9UEKBiUu-80jJL5EgTFjt_uaE-DqYh57nU9L-hOu-iWGQ3UoiRdhwg80lNvfyW8X38fpoua1kT2Zre8JC4UFjCw1R4eDFefLZvEd3h7efokbgKfEAoI2pny0k35SNMHpTfr1ptxfA17Mn0YxhvmOblXrGXhp6Zk3TdJLJDPOFAsjgZcZejRhPuMLCkJnkVMMJ6oYVgcJj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dicio.com.br%2F&domain=www.dicio.com.br&bundle=jLIdpV8wZVNMcVRWM29TSzElMkJreHlpT0pLMzBDMTBBb2o0dHBoOFhlMEM5ZmxEWlBHaGdWZGYlMkY0dDg4dTZyeGJqRktqM0ZaYjQ5MG5sQTB2TEZPbkt1NDhDY0lTVHV3S2x6bEo0T1RsdVowb0hyM2NZVk14R1pvbmdOOUZmQmk1UVJTVFd2UmhJRGglMkY5JTJCcndnRElmSmZGSU1UQSUzRCUzRA&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.dicio.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 16 Jun 2023 15:35:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
408147
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame D8D1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.dicio.com.br%2F&domain=www.dicio.com.br&bundle=jLIdpV8wZVNMcVRWM29TSzElMkJreHlpT0pLMzBDMTBBb2o0dHBoOFhlMEM5ZmxEWlBHaGdWZGYlMkY...
  • https://mug.criteo.com/sid?cpp=P7ghTXxvd1RvcVM2WWExYkxmQVhqMjdWaUYvQmlVVnVYZ0Q2VksvcjM5dlFWeWxJN25FMjNXeVpFOGhGVm41M2laZkZGOEJhbHBOZ0lOeGlNWDloUEZyYjBlK3pYNHRzVzd5QlNveVNQNnlvOHJ0L0RWeDY4OFFHcUpXSC...
423 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=P7ghTXxvd1RvcVM2WWExYkxmQVhqMjdWaUYvQmlVVnVYZ0Q2VksvcjM5dlFWeWxJN25FMjNXeVpFOGhGVm41M2laZkZGOEJhbHBOZ0lOeGlNWDloUEZyYjBlK3pYNHRzVzd5QlNveVNQNnlvOHJ0L0RWeDY4OFFHcUpXSCs5NDBRWDZoU0dRM3J4OVZ0TFZJTTR5bmZaVDJNOEtRNnV0bnpvOEZiVjh4dmszUElVbmppTFY1TzRvRlZqb2Z2M3A0d3pJK3NCOXNTM1NsMGNmSC9HWHRxREU3aFdFRG0wTWdncDI0Q3dNYml6bWliQUEyUWRZZ3c3MnpON3VSV2htZ1BQdVZFUisyWElvOWt6RUs1ZVRHbHJpTHlVU3lsQ25OUTBiRjVNTUdFbFo4dTFiOD18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d11da8e6068e50c9b444014a8f5ce3de867e216b9c74a724c5b485b51d52bbb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1024557
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.dicio.com.br
location
https://mug.criteo.com/sid?cpp=P7ghTXxvd1RvcVM2WWExYkxmQVhqMjdWaUYvQmlVVnVYZ0Q2VksvcjM5dlFWeWxJN25FMjNXeVpFOGhGVm41M2laZkZGOEJhbHBOZ0lOeGlNWDloUEZyYjBlK3pYNHRzVzd5QlNveVNQNnlvOHJ0L0RWeDY4OFFHcUpXSCs5NDBRWDZoU0dRM3J4OVZ0TFZJTTR5bmZaVDJNOEtRNnV0bnpvOEZiVjh4dmszUElVbmppTFY1TzRvRlZqb2Z2M3A0d3pJK3NCOXNTM1NsMGNmSC9HWHRxREU3aFdFRG0wTWdncDI0Q3dNYml6bWliQUEyUWRZZ3c3MnpON3VSV2htZ1BQdVZFUisyWElvOWt6RUs1ZVRHbHJpTHlVU3lsQ25OUTBiRjVNTUdFbFo4dTFiOD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
579796
content-length
0
expires
0
rid
match.adsrvr.org/track/ Frame D8D1 		108 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
ccfad1243b8effac190cf25974a2822ad8642498ef6e21c9ba720f548025a83d

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Jun 2023 15:35:49 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 16 Jul 2023 15:35:49 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=P7ghTXxvd1RvcVM2WWExYkxmQVhqMjdWaUYvQmlVVnVYZ0Q2VksvcjM5dlFWeWxJN25FMjNXeVpFOGhGVm41M2laZkZGOEJhbHBOZ0lOeGlNWDloUEZyYjBlK3pYNHRzVzd5QlNveVNQNnlvOHJ0L0RWeDY4OFFHcUpXSCs5NDBRWDZoU0dRM3J4OVZ0TFZJTTR5bmZaVDJNOEtRNnV0bnpvOEZiVjh4dmszUElVbmppTFY1TzRvRlZqb2Z2M3A0d3pJK3NCOXNTM1NsMGNmSC9HWHRxREU3aFdFRG0wTWdncDI0Q3dNYml6bWliQUEyUWRZZ3c3MnpON3VSV2htZ1BQdVZFUisyWElvOWt6RUs1ZVRHbHJpTHlVU3lsQ25OUTBiRjVNTUdFbFo4dTFiOD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 16 Jun 2023 15:35:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
444955
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bid
ap.lijit.com/rtb/ Frame D8D1 		23 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.18.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a641b3a95bb70fc67b9d638df8ddb67df934b1dd3dac8abee4ebb1a0b2d1be14

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Jun 2023 15:35:49 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.dicio.com.br
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
prebid
prebid.media.net/rtb/ Frame D8D1 		1 KB
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUV4OAWX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7c214abc91720801f7ab4d391564a0cf695dedbafe0d2094888c579cd77a2d0e

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Jun 2023 15:35:49 GMT
translator
hbopenbid.pubmatic.com/ Frame D8D1 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.dicio.com.br
date
Fri, 16 Jun 2023 15:35:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.com/adsid/ Frame D8D1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dicio.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D8D1 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3460472979430502&correlator=3070219032529936&eid=31072020%2C31074948%2C31075344%2C31074762%2C31075339%2C44769662&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=209606714%2Cdicio%2CFBK&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=3091743096&didk=3273008682&sfv=1-0-40&prev_scp=iat-req%3D1%26amznbid%3D13zsg74%26amznp%3D12tc6bk%26amzniid%3DJPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN%26amznsz%3D970x90&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie=ID%3D887a22356f4691fa%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA&gpic=UID%3D00000c4fd70ac71a%3AT%3D1686929729%3ART%3D1686929729%3AS%3DALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ&abxe=1&dt=1686929750112&lmt=1686929750&dlt=1686929747002&idt=670&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=mkwrj44cdrbt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.dicio.com.br%2F&ref=https%3A%2F%2Fwww.dicio.com.br%2F&top=https%3A%2F%2Fwww.dicio.com.br%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&ea=0&ga_vid=350313747.1686929729&ga_sid=1686929750&ga_hid=695406295&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YhsnjpowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRi40eOmjDFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGI5MmE1ODkxM2RlNDU2YjE1Zjg0OWEwNDU2MjE2ZDUzOTM4MjRhODY5Njk3NGIwZDYzNjIwZTE3M2UwYmJmZBjj0eOmjDFIABIZCgpwdWJjaWQub3JnGKnN46aMMUgAUgIIahLCAQoIcnRiaG91c2USrAF6L3BkeXRSRUlEQmkvK1d4NmdpeWhEZGh4WkJsQnk0T21xSndjSWJ6NldpZ3cxaTE4K2NjekxreDhmVXVtTHM1dDhlTkZ1RVRZblNxbzIwMnpoV2tsQUxyRnFzcmpxcjBRZ0xLek5ub1A5blhkWGVIbU9JSXBZenZRZTd6OUZnRmhMTXMrdmRnRTR1YVhXb2xUdmhvcnJNTit6T3JLYm0zZGVMY0NUaUU3Ujg9GO3R46aMMUgAEh0KDmVzcC5jcml0ZW8uY29tGIXJ46aMMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZMGhhY1hWWk9ERlNlRk5aYUZWeWRsQXljMnhsWnowOUluMD0Y-NHjpowxSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c494e111e0d818f4fdae223e6cc9ed4460de37dfa2c4b66039a24dbf13bfe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11685
x-xss-protection
0
google-lineitem-id
4973597417
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138262029818
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D8D1 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73dba26bf1675baa9902a1c232e3335142003fb1099e628d138e2cc316b7c244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11230
x-xss-protection
0
container.html
16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38C0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:50 GMT
expires
Sat, 15 Jun 2024 15:35:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 80FD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162930
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59856
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:50 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 1F37 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00473817b099df6d419325ca6dd2e3d839f51615a5c94a96125faab83bf4171c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11536
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:50 GMT
expires
Sun, 18 Jun 2023 15:35:50 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
activeview
pagead2.googlesyndication.com/pcs/ Frame F789 		42 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui68c-a--hw1A_Mo5RugGpjPMGtXyi-c9nMvJ0jRbdvs4tTnmfzJZket1y0x-tZ8V8dioqmtgUPAi4m17tqPUjsVJ7484CLm7AFO_N83z75iT_uV800ygWyLgEXcSL&sai=AMfl-YTXGekGYrwFZXHpiTis8Zvkd_9xdPHqiyJLobIhB5cVe-T-5GKiJhL5hspJiw3GjcIlNC5pTncwvweJUkfJTXx5664h3JJib1PvJ8n4PCrZ9uR8BQmlpAOu84FO&sig=Cg0ArKJSzHDkZpUrClAcEAE&cid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB&id=lidarv&acvw=sv%3D954%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D2092,0,0,0,0%26mtos%3D2092,2092,2092,2092,2092%26amtos%3D0,0,0,0,0%26mcvt%3D2092%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2092%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D796%26pst%3D521%26dur%3D15018%26vmtime%3D1604%26dtos%3D2092%26dtoss%3D1%26dvs%3D2064%26dfvs%3D2064%26dvpt%3D2064%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929750220%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2092&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D8D1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 15:35:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 95FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviO3vHzQraUq09gCJGUtKE-n_4Kj-tyDyWzNibE_QbNdT9oqXS3jD30sstXSTwag3wzY7XkHv1_nNK7P-NzuYoI6R2AdCEV1u9d9zvP6PprSZYXIBez9H380lvq5smWAhQsfeLVmHv7M2n7osSeQ8KVSPLv_bj_gDVjCU4Kf_kWuIKdJSpqP6vZJ8PwZLagEvNgnAbgUVgf8tGN0eaxkHA7se2m-QqUJ4-RIxALmOl87FkvZqalGHDkiu52UsrAyxTIyI4mLqZ-Cu8srOqBxSbdYdqiLdjIsSk5tYlWQoOmXJNUpiX-aObUzt6b-67Jlyr0qyc&sai=AMfl-YQtUABww3a85lPHiwH1n1L7UEAMadWleB1ryjoqOQIV27kX-qPx1Yg-PnWmfQhwJT9N3fvtXc0hW-t-zg7A9EZ15u8esSMzmQTqiOWAIAqCWFhRMMANBFAxdGlTybs&sig=Cg0ArKJSzD9gst5AdELHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95FE 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075344
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57029
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1686742752845198"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 15:35:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B39 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
172821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Jun 2023 15:35:29 GMT
expires
Thu, 13 Jun 2024 15:35:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0657 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d6aed342f21159ea94af160719db52d9ef94edce8c085adaf3e187a93dbbf30e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kLlSIWvoe7B6k67TWKo_cA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-kLlSIWvoe7B6k67TWKo_cA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jun 2023 15:35:50 GMT
expires
Fri, 16 Jun 2023 15:35:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
admi
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 5947 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f0a511a0c6af9140a8b28d73a4e8d6c6c657b138d8290e1f970977dd1ac13b2e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.dicio.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
6759
Content-Type
text/html;charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:50 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FVGD07HB49DP971GWGPV
csm_othersv6.js
c.amazon-adsystem.com/bao-csm/direct/ Frame 95FE 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv6.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
f31160deab4db27a05cd5e97bb345d57c1132a883633df4c6cc90f1743df97bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 08:02:51 GMT
content-encoding
gzip
via
1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
x-amz-version-id
hLkLqdouS9FOszUSny3T035K13M4t1NS
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
01B1463Y52F4CS9YFT34
etag
0f95b3273f86e40a9402b0d83cae836e
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
27178
accept-ranges
bytes
x-amz-cf-id
JLLX6qxi3fk_CY1_xyAkB1W2ah6ZmfiasR3rSJpwD4opT4rmQtSCxg==
sync
gum.criteo.com/ Frame 1F37 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
44f8669a8591615d988778b94899b7fe231e61f7bc8104f4d898b720b45bc890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
828144
expires
60
usync.html
eus.rubiconproject.com/ Frame 8982
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Jun 2023 15:35:50 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Jun 2023 15:35:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 2C02
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Drkt%26refUrl%3D%26vid%3D692975058932993133014552640...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3299313301455264000V10&type=rkt&refUrl=&vid=69297505893299313301455264000V10&ovsid=968625788307119378
235 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3299313301455264000V10&type=rkt&refUrl=&vid=69297505893299313301455264000V10&ovsid=968625788307119378
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Fri, 16 Jun 2023 15:35:50 GMT
expires
Fri, 16 Jun 2023 15:35:50 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 16 Jun 2023 15:35:50 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3299313301455264000V10&type=rkt&refUrl=&vid=69297505893299313301455264000V10&ovsid=968625788307119378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CFA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dpba%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.188.195 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-188-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59856
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 16 Jun 2023 15:35:50 GMT
expires
Sat, 17 Jun 2023 08:13:26 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=son&refUrl=&vid=69297505893299313301455264000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=son&refUrl=&vid=69297505893299313301455264000V10&ovsid=c8bca416-9819-4d74-acf4-00ac86ff7171
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=son&refUrl=&vid=69297505893299313301455264000V10&ovsid=c8bca416-9819-4d74-acf4-00ac86ff7171
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:51 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-162
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=son&refUrl=&vid=69297505893299313301455264000V10&ovsid=c8bca416-9819-4d74-acf4-00ac86ff7171
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dr1%26refUrl%3D%26vid%3D69297505893299313301...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005&rndcb=7190004661
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7257672098865546847&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/bb6b4e3f-4d9a-4ab2-b007-b89982032e12?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297505893299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
61 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297505893299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:51 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:51 GMT
Server
Tengine
ETag
RX260b4f2fb7994697b49ae40376b4d98e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297505893299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Content-Type
text/html
Connection
keep-alive
cksync
cs.media.net/ Frame 1F37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI5OTMxMzMwMTQ1NTI2NDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-LngOrBPwaVSFJlRvUNCM&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-LngOrBPwaVSFJlRvUNCM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:50 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Fri, 16 Jun 2023 15:35:50 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEK-LngOrBPwaVSFJlRvUNCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69297505893299313301455...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=dxu&refUrl=&vid=69297505893299313301455264000V10&ovsid=qJTDG1a51Qabu95
61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=dxu&refUrl=&vid=69297505893299313301455264000V10&ovsid=qJTDG1a51Qabu95
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:50 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-0a8ecd2a7e9b07273@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=dxu&refUrl=&vid=69297505893299313301455264000V10&ovsid=qJTDG1a51Qabu95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788
61 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:50 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=2dc7e71b-b0c2-4ff3-9039-082a0ff07788
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2123250
content-length
0
expires
Fri, 16 Jun 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=6c8b0ba5-a158-47ce-9300-413aabcb94d3&ssp=medianet&gdpr=0
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&gdpr_pd=
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:51 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=bb6b4e3f-4d9a-4ab2-b007-b89982032e12&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 16 Jun 2023 15:35:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKONRCWKSCSJVRG2UDVNE2EC4CKO4ZHE...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=692975058932993133014552...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297505893299313301455264000V10&vsid=3299313301455264000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:51 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297505893299313301455264000V10&vsid=3299313301455264000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 1F37
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3299313301455264000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&cs=1
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:50 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=6c8b0ba5-a158-47ce-9300-413aabcb94d3&cs=1
date
Fri, 16 Jun 2023 15:35:50 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 1F37
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:50 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Fri, 16 Jun 2023 15:35:50 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0fd146a2-2ce7-4bf7-884c-487b3aa91b71
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
nmedianet.js
contextual.media.net/ Frame 5947 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU15598N&ydspr=1
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0cef8a8820870b6656f64d35b42c03a5a0b85d0669dc66605b5720415512cb3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-mnt-h
22-jxfb
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 16 Jun 2023 15:35:50 GMT
server
Apache
etag
"29a0b28a29073715cc063c1186805472"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
content-length
35471
expires
Fri, 16 Jun 2023 15:40:50 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 5947 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Fri, 16 Jun 2023 15:35:50 GMT
x-guploader-uploadid
ADPycdvx4ycBy5Hdd1xpIOq18yD0_ldZDSAT1Az_76gMh1roxLZv9dAKUwdMHZP4eNO1HkQ4-kGGKm1WyI1pNbMxBxf6NA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Fri, 16 Jun 2023 16:35:50 GMT
imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 5947 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&pp=13zsg74&isip=1
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MQ0GPHDZ6NAARXZF9B0Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
43
csm_view_only.js
c.amazon-adsystem.com/ Frame 5947 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/csm_view_only.js
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0077d904647fd8e588ae0d4600a648086cd889192628b10d75cc5ab42e4a607d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
NpbakCKHcoz3ZWPQ5_fbxuvXECO5xaXn
date
Fri, 16 Jun 2023 05:46:55 GMT
via
1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 08:47:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C2
age
35336
x-amz-server-side-encryption
AES256
etag
"df61d061a823334cc92534f3d9c48a20"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
35539
x-amz-cf-id
WZD2otZSBhuh4iOnv5auf7Pi1d3bhXIPJzsJvXLmOndAckBoeqdRuA==
usync.js
eus.rubiconproject.com/ Frame 8982 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 15:35:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:14:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74380
Connection
keep-alive
Content-Length
10112
Expires
Sat, 17 Jun 2023 12:15:30 GMT
log
c21lg-d.media.net/ Frame 1F37 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=xJe-bRlwwzs4rRINQJPD2JEKIiuPIfH0&cs=15&vsid=3299313301455264000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUV4OAWX&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:51 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 16 Jun 2023 15:35:51 GMT
%7B%22adCsm%22:[%7B%22tld%22:%22www.dicio.com.br%22%7D,%7B%22vfrd%22:4,%22dbg%22:%22crtt%22%7D,%7B%22ns%22:1686929750306,%22st%22:%22187.60%22,%22re%22:%22215.60%22,%22ldTot%22:%2228.00%22%7D,%7B%2...
aax.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/ Frame 95FE 		43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/%7B%22adCsm%22:[%7B%22tld%22:%22www.dicio.com.br%22%7D,%7B%22vfrd%22:4,%22dbg%22:%22crtt%22%7D,%7B%22ns%22:1686929750306,%22st%22:%22187.60%22,%22re%22:%22215.60%22,%22ldTot%22:%2228.00%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22lths%22:%220.20%22,%22ltpm%22:%220.20%22,%22ltdm%22:%220.30%22,%22ltdb%22:%220.10%22,%22csmTot%22:%223.40%22%7D],%22pixelId%22:%22lbvcw3kz86%22,%22ts%22:1686929751007,%22ver%22:%22d-1.21%22%7D?cb=590319
Requested by
Host: www.dicio.com.br
URL: https://www.dicio.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
ZSVBQ4N64W427RX6BA2T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
sklDAqVYdVzlJ3IxE3qXy5EgFnDVx9iDin7gCZOctI_DQNcSSUW7mQ==
cksync.php
contextual.media.net/ Frame BFD6 		61 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3299313301455264000V10&type=pba&refUrl=&vid=69297505893299313301455264000V10&ovsid=9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3299313301455264000V10%26type%3Dpba%26refUrl%3D%26vid%3D69297505893299313301455264000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Fri, 16 Jun 2023 15:35:51 GMT
expires
Fri, 16 Jun 2023 15:35:51 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
sodar
pagead2.googlesyndication.com/pagead/ Frame 0657 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=3460472979430502&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
cksync.php
contextual.media.net/ Frame 8982
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LIYQEMLE-B-GF3X
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIYQEMLE-B-GF3X
61 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIYQEMLE-B-GF3X
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:51 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LIYQEMLE-B-GF3X
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
pagead2.googlesyndication.com/bg/ Frame 0B39 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14698
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jun 2024 14:56:57 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 6D8B 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&vi=1686929750798812442&gdpr=0&tsce=L166&cid=8CU15598N&cpcd=qJmqsokj19d2oMwtdTjLJQ%3D%3D&crid=345419453&size=970x90&cc=CA&sc=QC&chnm=smm_migration_test&pid=8POW2UN4M&tpid=TQ230O5&https=1&rrr=tzR-hLcl-L9LvXCq0A7VESeoxkSJMTl181odX1EZZ2o%3D&nse=5&lw=1&ugd=4&adt1=8CUZ1MK22&adt2=661646771&ebdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&bdrId=459&ntv=0&mmm=D5jUpyE7LeM%3D&mcf=66056&ydspr=1&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808147724&kapc=7&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8OverJk%7C%7C77OvW&kata=aton&ekalog=%3DVvAffH%7C%7CPPVrvfV1UP%2FrWpY%3DJsm7clL%7C%7Cc0_rvFH9%7C%7CqVrv9%7C%7CbVvAffu%7C%7CcVvAffH%7C%7CbVrvW%7C%7C_0_rvfWWA9WfXhX9ifXf9HXf%7C%7C_TVrvF&cadomain=tzR-hLcl-L-HShN42-uuffsgUdLEfSJIxUSuarmSELZFh2LYdFCUMA%3D%3D&ypl=1&isid=3&adv=Featured%20Insights&pgid=p11678221463t202306161535&essld=uHi.XF.uXA.9~%3DK~gxJGJN~cmz7LJ1j&htmlsrc=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU15598N&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1dc3ee81eb2a9549624784e5f2efaf3b57a7a4d31df10ac590ce1de87411e8f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://aax-us-east.amazon-adsystem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26329
content-type
text/html
date
Fri, 16 Jun 2023 15:35:51 GMT
expires
Fri, 16 Jun 2023 15:35:51 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-qvz2
bping.php
lg3.media.net/ Frame 5947 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2071&&vgd_cdv=984&vgd_tsce=L166&vgd_cage=0&vgd_mcf=66056&gdpr=0&prid=8PRVCXX19&cid=8CU15598N&crid=345419453&vi=1686929750798812442&ugd=4&lf=6&cc=CA&sc=QC&vsid=3299313301455264&lper=100&wsip=170785135&r=1686929751512&requrl=https%3A%2F%2Fwww.dicio.com.br%2F&vgde_bdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&ssld=%7B%22QQ8E%22%3A%22uHi.XF.uXA.9%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22gxJGJN%22%2C%22QQN75%22%3A%22cmz7LJ1j%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1686929750182624359&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUZ1MK22&vgd_hb_audit_2=661646771&vgd_pgid=p11678221463t202306161535&vgd_pgids=1&vgd_uspa=0&hvsid=00001686929751503025035145525880&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 16 Jun 2023 15:35:51 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Jun 2023 15:35:51 GMT
checksync.php
contextual.media.net/ Frame BA1E 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=35&cv=31&https=1&cid=8CUZ1MK22&prvid=2034%2C2033%2C2076%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C237%2C117%2C437%2C97%2C55%2C99%2C2045%2C2088%2C3012%2C2043%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C408%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C453%2C3018%2C454%2C3017%2C455%2C214%2C413%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=TAM&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eca0845cc74061b611101fa9a9555ef18463d7130eb4b0b1a18871fd5326675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://aax-us-east.amazon-adsystem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11066
content-type
text/html; charset=UTF-8
date
Fri, 16 Jun 2023 15:35:51 GMT
expires
Sun, 18 Jun 2023 15:35:51 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
log
hblg.media.net/ Frame 5947 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&pixel_len_bucket=444&__q=AYYEIwKELAQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjE4ODQ4MDkyODczMjY4Nl83NDE0NDMyMzZfNjYxNjQ2NzcxNDU5MUBkYzlmNGZjNDA1YWU0OTFjODNkOTFkMzY3ZjA1ZDhhNJYHuB6F61G4nj8waHR0cHM6Ly93d3cuZGljaW8uY29tLmJyBENBGGRpY2lvLmNvbS5ichI4Q1VaMU1LMjIIDDk3MHg5MAowLjAzMA5lYXN0X3NjBlRBTQgGYWRtAAAAAAAAgFJAgr_JzZhiAjAAAAAAAADwvzZydGItZWJkYS04ZDc4NDg0ZGQtY2tqYjUuU0M-NTEwMDA4MDgxNDc3MjQwMDk3MDAwOTAwMDA0MDUwMAIQMjIzZWFhYmMCZAI&utime=3718&sf=0&cpr=0.05071442641624291
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Jun 2023 15:35:51 GMT
cksync.php
contextual.media.net/ Frame BA1E
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dcon%26refUr...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7c785bdf30f22171&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D...
  • https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=con&refUrl=&vid=69297518423299313301455264000V10&ovsid=AAAMtwV-0PnsEgM47SSRAAAAAAA&expiration=1687016151&is_secure=true
61 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=con&refUrl=&vid=69297518423299313301455264000V10&ovsid=AAAMtwV-0PnsEgM47SSRAAAAAAA&expiration=1687016151&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=35&cv=31&https=1&cid=8CUZ1MK22&prvid=2034%2C2033%2C2076%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C237%2C117%2C437%2C97%2C55%2C99%2C2045%2C2088%2C3012%2C2043%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C408%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C453%2C3018%2C454%2C3017%2C455%2C214%2C413%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=TAM&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:51 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=con&refUrl=&vid=69297518423299313301455264000V10&ovsid=AAAMtwV-0PnsEgM47SSRAAAAAAA&expiration=1687016151&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame BA1E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dr1%26refUrl%3D%26vid%3D6929751842329931330...
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=5057630732
  • https://sync.1rx.io/usersync/rubicon/LIYQEMLE-B-GF3X
  • https://sync.targeting.unrulymedia.com/csync/RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35%26vsid%3D3299313301455264000V10%26type%3Dr1%...
  • https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297518423299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
61 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297518423299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=35&cv=31&https=1&cid=8CUZ1MK22&prvid=2034%2C2033%2C2076%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C237%2C117%2C437%2C97%2C55%2C99%2C2045%2C2088%2C3012%2C2043%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C408%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C453%2C3018%2C454%2C3017%2C455%2C214%2C413%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=TAM&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:52 GMT

Redirect headers

Date
Fri, 16 Jun 2023 15:35:52 GMT
Server
Tengine
ETag
RX260b4f2fb7994697b49ae40376b4d98e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://contextual.media.net/cksync.php?cs=35&vsid=3299313301455264000V10&type=r1&refUrl=&vid=69297518423299313301455264000V10&ovsid=RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
Content-Type
text/html
Connection
keep-alive
cksync.php
contextual.media.net/ Frame BA1E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=NlEeHRMbmPui4ApJw2rW&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKONRCWKSCSJVRG2UDVNE2EC4CKO4ZHE...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297518423299313301455...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297518423299313301455264000V10&vsid=3299313301455264000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=35&cv=31&https=1&cid=8CUZ1MK22&prvid=2034%2C2033%2C2076%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C237%2C117%2C437%2C97%2C55%2C99%2C2045%2C2088%2C3012%2C2043%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C408%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C453%2C3018%2C454%2C3017%2C455%2C214%2C413%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=TAM&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:52 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:52 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=NlEeHRMbmPui4ApJw2rWhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D35&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=69297518423299313301455264000V10&vsid=3299313301455264000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
285
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame BA1E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=X6eQx8cX9MYIG3v0sS6B&pi=medianet
61 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=X6eQx8cX9MYIG3v0sS6B&pi=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=35&cv=31&https=1&cid=8CUZ1MK22&prvid=2034%2C2033%2C2076%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C2026%2C236%2C2025%2C237%2C117%2C437%2C97%2C55%2C99%2C2045%2C2088%2C3012%2C2043%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C408%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C453%2C3018%2C454%2C3017%2C455%2C214%2C413%2C3014%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229&itype=TAM&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 16 Jun 2023 15:35:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 16 Jun 2023 15:35:52 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=X6eQx8cX9MYIG3v0sS6B&pi=medianet
pragma
no-cache
date
Fri, 16 Jun 2023 15:35:51 GMT, Fri, 16 Jun 2023 15:35:51 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bql.php
lg3.media.net/ Frame 6D8B 		15 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5348&&vgd_canary=0&vgd_l2type=scs_newfl&fp=OYlI5OkgdSoKZd8d0iWwNvZkXd1OI2n1UlwrLe80a-v6SMPUYQRHVJt00LicXTA7AN7Hus4hjfXRskoRpf2Of8QU02w66bW5trg0jfVKFQHNpOSK3sXez5jKcXyE2o9QSHC76v5p_Js%3D&cme=R7A1Z5NmafoQ-dpLzUFOGlrLmYA0uIg3mkXfiBxBhfCIxitnYr4fTNZ6ilpi5nASiHGdwDWXt-q5pGb9gpJ4TIx5VfAvgNuGk4umX4DB7uAaRefQRyBQHS4NaqLhS5tKT2Ri_aShin-6ixCsqhqfXXBV-gOdoy9q3X6DhtdEyaL3c2cQUNv8ATfX8OQxi99Lrw0chvThcONi085iGpMMcwMTSlWfcw6ynIaAIxFjjMPmictY8z4289E8bjmFbdL8tRjQREvue1z3iByyik6NqseVmdaMHUlXUPNiDg86a2YQWFjQnjNVuQ%3D%3D%7C%7Cu8A6SM53vAcA1hZRDZ8xX7ksZzfEHTLe%7CC_NcdaVhzomV2m_R1L13gdv4XVK6LXEw%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD5AKnh3VfqmOTw-N_GyLo01i72mkuS2YzDDMkTBeMaY_w%3D%3D%7CVvgmrBXvITmGFWRMEYqD_JuXTttYDid-mTAhqYzzhMH9iptmB9AbuUCM3X3tWPeKHVjoWS_9koA4RtTlQPMnvP2lF_ZEVOGxHFS3mHJFshINfbO1iuwDtFJ5ke03hvH2EBB2tpVVZsVDGBruCFCwFltRsnJyHYrBVulpp3MLT0jMO0VCZlP4B3UVcEGPztZBzn4fLtp1aHXO2t-LcBi7vYlZcENOE5SXD_Yd4sEVTUbgf_lqQShbZdl4XZAVvaRC%7C&subBdr=196&bdrid=459&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Portable+Storage+Containers&kwt[]=232&kbc[]=6ef737a62bf968ba87422dd8cc62d7a2.d2s&kwp[]=1&kid[]=22868298&kbc2[]=0%7Cps%3D0.898&ktd[]=274895077376&kwd[]=Daily+Task+Planners&kwt[]=232&kbc[]=6ef737a62bf968ba87422dd8cc62d7a2.d2s&kwp[]=2&kid[]=324637692&kbc2[]=0%7Cps%3D0.898&ktd[]=274895077376&kwd[]=Low+Cost+Franchise+Opportunities&kwt[]=232&kbc[]=6ef737a62bf968ba87422dd8cc62d7a2.d2s&kwp[]=3&kid[]=17968349&kbc2[]=0%7Cps%3D0.898&ktd[]=274911854592&kwd[]=Top+5+Home+Solar+Panels&kwt[]=232&kbc[]=6ef737a62bf968ba87422dd8cc62d7a2.d2s&kwp[]=4&kid[]=321192316&kbc2[]=0%7Cps%3D0.898&ktd[]=274911854592&kwd[]=Average+Solar+Panel+Cost&kwt[]=232&kbc[]=6ef737a62bf968ba87422dd8cc62d7a2.d2s&kwp[]=5&kid[]=321825537&kbc2[]=0%7Cps%3D0.898&ktd[]=274911854592&kwd[]=How+to+Start+an+Online+Business&kwt[]=232&kbc[]=6ef737a62bf968ba87422dd8cc62d7a2.d2s&kwp[]=6&kid[]=14374179&kbc2[]=0%7Cps%3D0.898&ktd[]=274911854592&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=15040&hint=&cc=CA&wsip=170774626&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22cmz7LJ1j%22%2C%22QQ8E%22%3A%22uHi.XF.uXA.9%22%2C%22QQQN%22%3A%22gxJGJN%22%7D&cid=8CU15598N&vi=1686929750798812442&vsid=3299313301455264&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L166-S166&vgd_imdtl=1&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUZ1MK22&vgd_hb_audit_2=661646771&vgd_katid=808147724&vgd_katbid=-21&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_kals=ttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3DvDef%7C%7Cttd%3D8&vgd_kalog=CI%3D3224%7C%7CUUID%3D2IakUVD8WmCeFotMzr%7C%7CMPTD%3D640%7C%7CHID%3D0%7C%7CSI%3D3221%7C%7CMI%3D3224%7C%7CSID%3D8%7C%7CTPTD%3D2883082575092520452%7C%7CTLID%3D6&vgd_pdtid=1&vgd_nrrv=11516&vgd_nrrmf=3001c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=14&vgd_l1rakh=1686929750182624359&sttm=1686929751503&upk=1686929751.14175&hvsid=00001686929751503025035145525880&verid=3111299&sbdrId=196&vgd_vsidtv=000V10&vgd_ecrid=5100080814772400970009000040500&tsrc=autotemplate&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgde_ydsp=%7B%227JQ7VO4z7875%22%3A%22Wi%22%2C%22GxNUJ7VO4z7875%22%3A%22AuH%22%2C%22GxNUJ7I1YJ4z7875%22%3A%22%3Dmz7LmjnR%22%7D&vgd_mcf=66056&vgd_vstrid=3299313301455264&vgde_bdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&vgd_bhv_kbb=-1&vgd_cfud=230222&vgd_scsver=118&vgd_optout=0&vgd_ydspr=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001686929751503025035145525880&rc=0&rand=1686929751990&acid=dc9f4fc405ae491c83d91d367f05d8a4&matm=1686929751990&vgd_ltimesrc=1&vgd_ltime=936&vgd_rtime=933&vgd_etm=11&vgd_l1hcsd=Sjxfb%7C3927&vgd_l1ch=1&vgd_lhl=1182&vgd_pgid=p11678221463t202306161535&vgd_csip=rtb-ebda-8d78484dd-ckjb5.SC&vgd_sbSup=0&vgd_vsidv=10&vgd_nrrs=11516&vgd_cdv=984&vgd_cntrdt=SF%7Caax-us-east.amazon-adsystem.com&vgd_eadm=1&vgd_matchstr=hr%3D0&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&vi=1686929750798812442&gdpr=0&tsce=L166&cid=8CU15598N&cpcd=qJmqsokj19d2oMwtdTjLJQ%3D%3D&crid=345419453&size=970x90&cc=CA&sc=QC&chnm=smm_migration_test&pid=8POW2UN4M&tpid=TQ230O5&https=1&rrr=tzR-hLcl-L9LvXCq0A7VESeoxkSJMTl181odX1EZZ2o%3D&nse=5&lw=1&ugd=4&adt1=8CUZ1MK22&adt2=661646771&ebdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&bdrId=459&ntv=0&mmm=D5jUpyE7LeM%3D&mcf=66056&ydspr=1&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808147724&kapc=7&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8OverJk%7C%7C77OvW&kata=aton&ekalog=%3DVvAffH%7C%7CPPVrvfV1UP%2FrWpY%3DJsm7clL%7C%7Cc0_rvFH9%7C%7CqVrv9%7C%7CbVvAffu%7C%7CcVvAffH%7C%7CbVrvW%7C%7C_0_rvfWWA9WfXhX9ifXf9HXf%7C%7C_TVrvF&cadomain=tzR-hLcl-L-HShN42-uuffsgUdLEfSJIxUSuarmSELZFh2LYdFCUMA%3D%3D&ypl=1&isid=3&adv=Featured%20Insights&pgid=p11678221463t202306161535&essld=uHi.XF.uXA.9~%3DK~gxJGJN~cmz7LJ1j&htmlsrc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 16 Jun 2023 15:35:52 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 16 Jun 2023 15:35:52 GMT
dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSf...
ade.googlesyndication.com/ddm/activity/ Frame F789 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB;eps=CIBhEAEYHTICigI6AoBASL39wTo;met=1;acvw=sv%3D954%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D3974,0,0,0,0%26mtos%3D3974,3974,3974,3974,3974%26amtos%3D0,0,0,0,0%26mcvt%3D3974%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3974%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1317%26pst%3D521%26dur%3D15018%26vmtime%3D3882%26dtos%3D1882%26dtoss%3D2%26dvs%3D1882%26dfvs%3D1882%26dvpt%3D1882%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3974,3974,3974,3974,3974%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D16,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929752102%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3974;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=videoplaytime25&ad_mt=3883&acvw=sv%3D954%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D3974,0,0,0,0%26mtos%3D3974,3974,3974,3974,3974%26amtos%3D0,0,0,0,0%26mcvt%3D3974%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3974%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1317%26pst%3D521%26dur%3D15018%26vmtime%3D3882%26dtos%3D1882%26dtoss%3D2%26dvs%3D1882%26dfvs%3D1882%26dvpt%3D1882%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26ic%3D0%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3974,3974,3974,3974,3974%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D17%26emuc%3D0%26emb%3D16,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929752102%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3974&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVI2CNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTUjiAlAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/ Frame D8D1 		17 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=162930
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162930/9578/14/pwt.js?sid=GHDO8WVP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.dicio.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:52 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.dicio.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 95FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumKZF3r8eDRy4tdEJb8g8pfgPjVES-Cu4h4ELoj8QlBjM3wLbfm1FpenkIfVITSo4tDNGZEGKQ1-RPlPxBo_9CyBR6yQ5pkyJ_k90ccEy5TVtogIKEGtZi8SVXmhfttv11yKttdh7Nqzx-qxb7azNbQ19vng5s4h0Iy0SI4hNL9Efzd63YJFLu_IDRFPAnbwntLetPU1VuZ0yC43LLsjhlSor5E5W66AdNIxkdcHX_V9VyYjl9CX1ZmbhF9Cqe2L-UEpMsISy7tale9sN6Ldb5aObJ6iKyUBYsg-N7b5uSAxMwlH2L_etQIJgdL7iT4Vn1gm5QRLQ&sai=AMfl-YTxnEXfkwDQh6boBmO6TWmKdBpDAgRq1ITWoBXcJiD8jsp0UW6MRek7l679k7EqSoVa6vSH6OaXrnWUQgYOZQsI2NrD9RDhv_jFkAsI2LIssJW4iBPuPVDQ_UBL22U&sig=Cg0ArKJSzCxukolU-o9FEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 16 Jun 2023 15:35:52 GMT
generate_204
tpc.googlesyndication.com/ Frame 0B39 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nxWnwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
postback
s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/ Frame EEF5 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.3lift.com/2/2.96.0/596918/AhC1UrIHBAGvqDmG/postback?dt=5969181520951367361000&ci=596918&di=dicio.com.br&dm=300x250&c2=84215&ti=37000276533921298888890&sr=5&gt=6251999&ai=575154&si=8062019&pp=9502&pc=75167&md=1&c1=4945&cb=1686929730&pv=4be1426c-f1f0-4c64-a272-7810fb869d43&to=3&sid=AhC1UrIHBAGvqDmG&oz_sc=1996358e7972eb4c64679661&oz_df=1686929752771&oz_l=847&cv=3
Requested by
Host: s.update.3lift.com
URL: https://s.update.3lift.com/2/2.96.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.206.31.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-31-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jun 2023 15:35:51 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
%7B%22atf%22:false,%22f%22:0,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ts%22:1686929752851,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:%22r-1.30%22%7D
aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/atf/ Frame 5947 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/atf/%7B%22atf%22:false,%22f%22:0,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ts%22:1686929752851,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:%22r-1.30%22%7D?cb=7739414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E64X6E3EY2146VS0DFXR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
truncated
/ Frame 95FE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cdf56f204c5fd145dfba833c4c47df41cd7a2b9434fa503bda6b54c02164be2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ttv%22:2.42,%22ts%22:1686929753072,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:...
aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/v/ Frame 5947 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ttv%22:2.42,%22ts%22:1686929753072,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:%22r-1.30%22%7D?cb=5568197
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2D153F3SWEJ6HB4FQSKW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
truncated
/ Frame 6D8B 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6D8B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 6D8B 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&vi=1686929750798812442&gdpr=0&tsce=L166&cid=8CU15598N&cpcd=qJmqsokj19d2oMwtdTjLJQ%3D%3D&crid=345419453&size=970x90&cc=CA&sc=QC&chnm=smm_migration_test&pid=8POW2UN4M&tpid=TQ230O5&https=1&rrr=tzR-hLcl-L9LvXCq0A7VESeoxkSJMTl181odX1EZZ2o%3D&nse=5&lw=1&ugd=4&adt1=8CUZ1MK22&adt2=661646771&ebdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&bdrId=459&ntv=0&mmm=D5jUpyE7LeM%3D&mcf=66056&ydspr=1&katpre=1&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&katbid=-21&katid=808147724&kapc=7&ekals=775EJvu99ui%7C%7CE7vu%7C%7CjY8OverJk%7C%7C77OvW&kata=aton&ekalog=%3DVvAffH%7C%7CPPVrvfV1UP%2FrWpY%3DJsm7clL%7C%7Cc0_rvFH9%7C%7CqVrv9%7C%7CbVvAffu%7C%7CcVvAffH%7C%7CbVrvW%7C%7C_0_rvfWWA9WfXhX9ifXf9HXf%7C%7C_TVrvF&cadomain=tzR-hLcl-L-HShN42-uuffsgUdLEfSJIxUSuarmSELZFh2LYdFCUMA%3D%3D&ypl=1&isid=3&adv=Featured%20Insights&pgid=p11678221463t202306161535&essld=uHi.XF.uXA.9~%3DK~gxJGJN~cmz7LJ1j&htmlsrc=1
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 16 Jun 2023 15:35:53 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Sat, 17 Jun 2023 15:35:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D8D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306060101&jk=3460472979430502&bg=!qqmlqf3NAAaGYqkwpmI7ADkAdvg8WrrGRD7hvVjs4f0rB0Hq1lac2TbPSkmbR4wVaRF7vpJoWZtaVhsB67g7QRky-fBhE7e7x2oCAAADklIAAAAJaAEHmQMYxnns7A29qsUCdGipFKYLHHXP18AsJxBWkRmnVtuds3jLJ8VXZY8snQIpk9idjPFbgaSk9ktAOIM7etrLdXwJJU2cZbv4noms-_c6bkj4pZPLFKKfJopEjgLxqPYeGB0FYCJHUYqYuKr1MLjNIliGFXzUja_kskENwb5x8JLcfwwaH0FLeL1rf-l2x2CtGECvT4FGYGGrCkwgy1ZjaWS8kkSNNtHufTgsclb2UZXfyr-LEd8x27yFOdgx6pZitG-0ETCdW6rgJRkayFe2ZAdxZ3E0j4oWf0OBpuD4Zs1oS0vFJD_9AnT9I1Z439QPpGYyIW9IYj_1mJGjV6PBEL8bH8GTg719SJ0RV8-G00jQESs2MveZV0mmszbyR0ddsUgmtbQmIDfx-JKIIu-dGyZZYCvBjv3q6rFAycD0xfA8EwHQvmQgEaSs3x4ytR3gv_24bgmIL1PcL0pIVQv8SjVHy9vdRdD62JpIOci-DjTXklXandc95UYVixXnIHt3KmAF0VyYjoMie2x95gNT8hNd0SwDwopEykPLVNEkGsdNJRpf-lDTt5ARj81RSpRgzNZsCEA-sDa8ddVXrleA38aRGqmoasUPOxtUkzCUiiCM613GsyKQlYfSPXBFGce3osVsn1a0P9XR4aYqEOFF9TobyVeT4v6T6Df_O9MlCsp5McAUTYKmK4NxPFPkbbhYuU3P4iqwTlSiNvb8hH2OSl0vVXHgtkf9Nm5xKL69Re7J3PJwi6Aw_mfiPTGMRtlb6YIqbmQETIs_oeIgs8TG8fotAnijyTZN0RJOgLRyMlu0N-XHtKu4mPOFrLqfWB7PAAS9jiRYGCWKQxrRIxrN4uLFq7ITmdsQh4TR5HRDlGgbjDoVo_y5tfRwIdmuK_7j9vWgN2kGVgYqjoHIIIe9-ktzqWMY6TaG5ec1gM9pDF0IFv2deaOZdkBrIZRrMrIpCQzIwPF9PLM4tcyxQkypzuYtRVblglhfOoEaH0CTvhQS6NpTaLMlJsizFNOnYRIu5nL7OJ5UPe-jRBe6gr9mRKAf-vs1rRhUr8KG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 95FE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvboD9MZfiVFAtV9K5eupa8mVfyZDZmWJdXf89A4hP4hGmxQmkYwFL4-fDuNI4_G-SdLLTilykW6YrDjzh2X3oR2NQXOi_TDydbWPDbFW9N5_V_pJRF&sig=Cg0ArKJSzLJiVhZzNs0UEAE&id=lidar2&mcvt=1027&p=0,0,90,970&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20230614&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3091743096&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686929750306&rpt=2044&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.dicio.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ttv%22:3.43,%22ts%22:1686929754083,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:...
aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/v/ Frame 5947 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/v/%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ttv%22:3.43,%22ts%22:1686929754083,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:%22r-1.30%22%7D?cb=5595689
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W16K0HJS6KKNMWJYKBNS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22v%22:%7B%22p%22:100,%22t%22:1,%22def%22:%22groupm%22%7D,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ttv%22:3.43,%22ts%22:1686929754083,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver...
aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/v/ Frame 5947 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/v/%7B%22v%22:%7B%22p%22:100,%22t%22:1,%22def%22:%22groupm%22%7D,%22vs%22:%22visible%22,%22ah%22:0,%22aw%22:0,%22ttv%22:3.43,%22ts%22:1686929754083,%22bn%22:false,%22pixelId%22:%22sfbr7tk0kc%22,%22ver%22:%22r-1.30%22%7D?cb=1643070
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4529GHKYBYPR0D1NS80Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
log
hblg.media.net/ Frame 5947 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQ_ARAZGM5ZjRmYzQwNWFlNDkxYzgzZDkxZDM2N2YwNWQ4YTTmtv_2BJYHBENBGGRpY2lvLmNvbS5ichI4Q1VaMU1LMjIoLzIwOTYwNjcxNC9kaWNpby9GQksMOTcweDkwDmVhc3Rfc2MEMjMGVEFNEjhQUlcyM0hHNQ5CSURfQVBJACgvMjA5NjA2NzE0L2RpY2lvL0ZCSwIxNnJ0Yi1lYmRhLThkNzg0ODRkZC1ja2piNS5TQz41MTAwMDgwODE0NzcyNDAwOTcwMDA5MDAwMDQwNTAwAjAAZgEcZ2VuLXZibHRfdGFtXzEyMjAyMzA2MTUxODE2X2dlbi12Ymx0X3RhbRhnZW4tdmJsdF90YW2UASRNRURJQS5ORVQgRVhDSEFOR0UCAmQ&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:54 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Jun 2023 15:35:54 GMT
bqi.php
lg3.media.net/ Frame 5947 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2175&lf=3&&vgd_hb_audit_1=8CUZ1MK22&vgd_hb_audit_2=661646771&vgd_tsce=L166&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=984&vgd_cage=0&vgd_rensize=970_90&vgde_bdata=QOfvzxjj~77vu9XHii~8xLjMjvf9~myJLEYv9.9A~QYYMG8Ov9.9u~e8QMQOvAif~ONfvu~G17v9%2C9%2C9~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9FuXfu~8xLjMGvfW9h.uW~xLjM7UNv9~Q7OvSf9iF9FhuHSO8N8mSsRC~j1Q7v~e8QMxLjMGv9.XW~8Evf6%20xQ9~kGGv9~e8QMxLjMjvu9~L88Ex1v9%2C9~J7vfu~LNvu~LEQMQOvf9fA9FuFu9~e8QMGvAXX.9f~eBM1EQv9.FX~xLjMGv9.AF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLv9.FXfF~xLjMjvf9~yN17vou~GGvuiF~eevu~QYYMYxjv9.XF~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~csRvq~GYv9.WF~QYYMQOvf9fA9FuF9H~Q8OvAHXHuiHXA~QOv9~x8OvfV1ZY7tDrUBR%3DcqDB8~G7OvffFF9F9AFiHFh9hfFXFH9HWHWXAfHWFfHWWAFXA9fFiA9fiWXhX9iuHuXWFHFAFHAHuHHFhuAiAXWXh9XhFu9XfhAhFufFFH9FXffWW~UGMQLNvUGG~eBxvou~OfEMjvA9~AENkviii.WX~x8Yv9~myMYQwv9.9A~eBMYJOv9.hH~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.ih~exLjMGv9.hu~QQvIK~NNv%3DK~UGMOjvzS1~x8Bvou~NJv9~LEQMGvAu.hW~exLjMjvf9~%3DVvfiH9~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vYmz7LJ1j~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.Hf~8Q8kv9~UGM77vHh~G8Ov9.9u~UGME7vqmYJE1yJ~L8e8Qv9%2C9~ONvW~ejfLMGvf.Xi~8exLjMjvf9~NGOEv9.9A9~875EJM8OvXu~QJjjJLM71yM8OvSf9iF9FhuHSO8N8mSsRC~QxEEj5M71yM8OvSf9iF9FhuHSO8N8mSsRC~e8JB1G8j875v9.FX~EmQv9~1NM75EJvu~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~8zQjv9~QmGEv~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfuA&gdpr=0&prid=8PRVCXX19&cid=8CU15598N&crid=345419453&requrl=https%3A%2F%2Fwww.dicio.com.br%2F&vi=1686929750798812442&ugd=4&cc=CA&sc=QC&bdrid=459&subBdr=196&startTime=1686929751464&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1686929750182624359&l1ch=1&l1hcsd=l1!Sjxfb|3927&sttm=1686929751503&upk=1686929751.14175&hvsid=00001686929751503025035145525880&acid=dc9f4fc405ae491c83d91d367f05d8a4&verid=3111299&mmm=D5jUpyE7LeM%3D&vgd_sc=QC&vstrid=3299313301455264&vgd_vsidv=10&vsidtv=000V10&infr=1&twna=1&stime=1686929751072&vgd_ecrid=5100080814772400970009000040500&vgd_uspa=0&tsrc=autotemplate&vgd_isiolc=1&vgd_fcm_enc_mis=1&vgd_pgid=p11678221463t202306161535&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.36.23 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-36-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 16 Jun 2023 15:35:54 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 16 Jun 2023 15:35:54 GMT
%7B%22adCsm%22:[%7B%22ns%22:1686929750492,%22st%22:%22227.10%22,%22re%22:%22308.30%22,%22ldTot%22:%2281.20%22%7D,%7B%22lteu%22:%220.20%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22csmTot%22:%2...
aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/ Frame 5947 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN/%7B%22adCsm%22:[%7B%22ns%22:1686929750492,%22st%22:%22227.10%22,%22re%22:%22308.30%22,%22ldTot%22:%2281.20%22%7D,%7B%22lteu%22:%220.20%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22csmTot%22:%221.70%22%7D],%22pixelId%22:%22sfbr7tk0kc%22,%22ts%22:1686929754845,%22ver%22:%22r-1.30%22%7D?cb=2528766
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=JPWHo_iBEyl1EAWlRMWeIngAAAGIxNkv9gEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAM8wPN&rnd=9165033735051686929750323&pp=13zsg74&p=12tc6bk&crid=5100080814772400970009000040500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jun 2023 15:35:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JFKSDN6WDDGMMZFTRK43
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
dc_oe=ChMIr9Dz-47I_wIVTvGzCh1BXwpPEAAYACCmnJRMQhMIhI3F-47I_wIVtQuICR34eAMY;met=1;&timestamp=1686929755179;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 90B6 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr9Dz-47I_wIVTvGzCh1BXwpPEAAYACCmnJRMQhMIhI3F-47I_wIVtQuICR34eAMY;met=1;&timestamp=1686929755179;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5Yjs-47I_wIVTghxCh3P4A9gEAAYACDv5qVMQhMImqy8-47I_wIV8CaKAx1h7Qr_;met=1;&timestamp=1686929755233;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame CF11 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Yjs-47I_wIVTghxCh3P4A9gEAAYACDv5qVMQhMImqy8-47I_wIV8CaKAx1h7Qr_;met=1;&timestamp=1686929755233;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI17nr-47I_wIVU8mzCh1YegdSEAAYACCmnJRMQhMI3Jy2-47I_wIV19yzCh3ZHAfF;met=1;&timestamp=1686929755242;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 1B88 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI17nr-47I_wIVU8mzCh1YegdSEAAYACCmnJRMQhMI3Jy2-47I_wIV19yzCh3ZHAfF;met=1;&timestamp=1686929755242;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxJLt-47I_wIVjdizCh1-0QyvEAAYACDv5qVMQhMI2q---47I_wIVzusoBR0OSAPD;met=1;&timestamp=1686929755324;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 862C 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxJLt-47I_wIVjdizCh1-0QyvEAAYACDv5qVMQhMI2q---47I_wIVzusoBR0OSAPD;met=1;&timestamp=1686929755324;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSf...
ade.googlesyndication.com/ddm/activity/ Frame F789 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB;eps=CIBhEAEYHTICigI6AoBASL39wTo;met=1;acvw=sv%3D954%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D7720,0,0,0,0%26mtos%3D7720,7720,7720,7720,7720%26amtos%3D0,0,0,0,0%26mcvt%3D7720%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7720%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2171%26pst%3D521%26dur%3D15018%26vmtime%3D7582%26dtos%3D3746%26dtoss%3D3%26dvs%3D3746%26dfvs%3D3746%26dvpt%3D3746%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3746,3746,3746,3746,3746%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D35%26emuc%3D0%26emb%3D34,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929755847%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7720;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=videoplaytime50&ad_mt=7583&acvw=sv%3D954%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D7720,0,0,0,0%26mtos%3D7720,7720,7720,7720,7720%26amtos%3D0,0,0,0,0%26mcvt%3D7720%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7720%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2171%26pst%3D521%26dur%3D15018%26vmtime%3D7582%26dtos%3D3746%26dtoss%3D3%26dvs%3D3746%26dfvs%3D3746%26dvpt%3D3746%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3746,3746,3746,3746,3746%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D35%26emuc%3D0%26emb%3D34,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929755847%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7720&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVI2CNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTUjiAlAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2t6c_I7I_wIVFY-zCh3sLAlDEAAYACCmnJRMQhMIwLT2-47I_wIVg-GzCh20qwEY;met=1;&timestamp=1686929757053;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 4CF0 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2t6c_I7I_wIVFY-zCh3sLAlDEAAYACCmnJRMQhMIwLT2-47I_wIVg-GzCh20qwEY;met=1;&timestamp=1686929757053;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI4Nq3_I7I_wIVTvGzCh1BXwpPEAAYACDv5qVMQhMIxZr--47I_wIVBcrjBx1NyAoV;met=1;&timestamp=1686929757605;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 8779 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4Nq3_I7I_wIVTvGzCh1BXwpPEAAYACDv5qVMQhMIxZr--47I_wIVBcrjBx1NyAoV;met=1;&timestamp=1686929757605;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6bG6_I7I_wIVChGICR2OHgc8EAAYACCmnJRMQhMIiLD--47I_wIVZeS1Ch3nPwA7;met=1;&timestamp=1686929757616;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 90E5 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6bG6_I7I_wIVChGICR2OHgc8EAAYACCmnJRMQhMIiLD--47I_wIVZeS1Ch3nPwA7;met=1;&timestamp=1686929757616;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://nucleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSf...
ade.googlesyndication.com/ddm/activity/ Frame F789 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9sn4go_I_wIVcQ5oCB1FaQWDEAAYACDZmKZXOhoI5JWMhQEQlP288LkEGMqzzOEDILvH-frkEEITCJjA2YKPyP8CFYvIswodOqULAw;dc_rmcid=CAQSPABygQiDdRYqpcU5UeEInu32jA0oQXS_Fm09efUIb49QEiY2sh_9W1fL-V7u6ps1sq1zRSfO0tzP1d9ebxgB;eps=CIBhEAEYHTICigI6AoBASL39wTo;met=1;acvw=sv%3D954%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D11432,0,0,0,0%26mtos%3D11432,11432,11432,11432,11432%26amtos%3D0,0,0,0,0%26mcvt%3D11432%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11432%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3176%26pst%3D521%26dur%3D15018%26vmtime%3D11302%26dtos%3D3712%26dtoss%3D4%26dvs%3D3712%26dfvs%3D3712%26dvpt%3D3712%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3712,3712,3712,3712,3712%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147479553%26psv%3D-2147479553%26psfv%3D-2147479553%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929759560%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11432;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F789 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_aZvU4GMZNjKBouRzwW6yq4Yx_34-227x_n65BCv6uTxyAEQASDJi5tyYP3oooHwA8gBBakCpZmQP7dfqT6oAwHIAxOYBACqBIgCT9BMfy_Hfm9lYMc3pqFB9qUrkwvwvn9QNHqn2mwnYR3zT-eF_xj-OJ-fVbcUNsJsEod2evqjopLvds-EeH3CpR-tgDpxB_cZOayp0ycjCiNVs7ca9uytv0hlU_ugibpaja_24OuhxtYvk5ZMbTdHvGRu_u_FBjbZL7FHI_ymcnFMi6yqfXiCTGL21MVlMKrg5kRomU-a_CKDuMAPoKR2UxVcmcYAICwpNCvQKtGoVkI21uT_poKyvovINUlgr4l7aUuKEuojOfMS-3BM5NlJBBKD5Zx34RSBSol5Ic_qpq5NKYPDK1ussQb3BBU_bHqf4wQfrRxciHqLuyS8-N9dQqh47ZELTLqWwASU_bzwuQTgBAOQBgGgBk6AB6XH7oQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOjl9wTyBPKs8zhA9ATANgTCogUBNgUAdAVAfgWAYAXAegXBQ&sigh=wIAfATptdHc&label=videoplaytime75&ad_mt=11303&acvw=sv%3D954%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D903,1226,1100,1576%26tos%3D11432,0,0,0,0%26mtos%3D11432,11432,11432,11432,11432%26amtos%3D0,0,0,0,0%26mcvt%3D11432%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11432%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3176%26pst%3D521%26dur%3D15018%26vmtime%3D11302%26dtos%3D3712%26dtoss%3D4%26dvs%3D3712%26dfvs%3D3712%26dvpt%3D3712%26is%3D33554707%26i0%3D33554707%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50336531%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3712,3712,3712,3712,3712%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1362%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D52,0,0,0,0%26avms%3Dexc%26qi%3D624572402%26psm%3D-2147479553%26psv%3D-2147479553%26psfv%3D-2147479553%26psa%3D0%26pnmm%3D1686929743753%26ptlt%3D1686929759560%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11432&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1686929747777&sdkv=h.3.578.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2Mzk1MDk4MDc0MDdAmgMKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDUwNDMzOTgyCTE4MzA3Nzk3N0D8AVI2CNkHEA8lAABwQSgBOgsxODMwNzc5NzctMUIER0RDTUjiAlAAWhBCazRuNjlZU09BRE5XcVB0GAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jun 2023 15:35:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame A3D6 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Jun 2023 15:36:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
AS8W78HDFZQ8EQ6PPKAW

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~liyqey5r&c=7262505871620&slotId=3631252935810&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~liyqeylo&c=7262505871620&slotId=3631252935810&uet=2&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275

Verdicts & Comments Add Verdict or Comment

313 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer object| googletag object| apstag object| _comscore function| autoComplete object| SpotifyIframeConfig object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_tag_data object| google_js_reporting_queue object| webpackJsonp function| Sticky function| inView function| onSpotifyIframeApiReady object| dicio object| google_tag_manager string| GoogleAnalyticsObject function| ga object| COMSCORE object| ns_p object| reactiveElementVersions object| litHtmlVersions object| litElementVersions boolean| sg_passive object| Sg_Utils object| Sg_Social function| recaptchaloaded object| lazySizes undefined| google_measure_js_timing function| Sg_GPT_get_slots object| gaplugins function| setImmediate function| clearImmediate object| ID5 object| regeneratorRuntime object| ats function| onYouTubeIframeAPIReady object| gaGlobal object| webVitals function| getSelector function| sendToGTMDebugLcp function| sendToGTM object| signal_decrypted object| pbjs object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| PublisherCommonId function| processGoogleToken object| googleToken object| googleIMState object| gaData number| google_unique_id object| adpnExecutions object| aliveChecks boolean| adpnLoaded function| clarity object| GoogleGcLKhOms boolean| bhof object| _czmb function| $cz function| czQuery string| _mb function| superagentCallback168692974290933 object| e object| __tgconf function| __tginitcb object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup string| _czmbPubId function| czlite function| czmax function| cztimeline function| cztimelinelite object| xplay_by_sid object| xplay_tags boolean| xplay_loaded object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| PubMaticSync object| head object| bjs function| replaceAll string| vsalign boolean| refreshed string| a object| vobj object| _cazamba string| xplay_debug object| xplay_oninit object| closure_lm_977810 object| gsapVersions function| Cazamba object| _czLegacy function| _czOpen object| google_image_requests object| closure_lm_725645 object| _CZ_EMITTER object| __iat_api object| _mappingResponses object| __tgunits function| Hls

341 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQpv7jpowxCgoI4gEQpv7jpowxCgoI5gEQpv7jpowxCgoIhwIQpv7jpowxCgkICRCm_uOmjDEKCQg6EKb-46aMMQoJCAsQpv7jpowxCgoIjAIQpv7jpowxCgkIXxCm_uOmjDEKCQgfEKb-46aMMQ==
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxCyFQ
i6.liadm.com/s Name: _li_ss
Value: CgA
.spotify.com/ Name: sp_t
Value: 3ef81c1ceda4e660e1367fb32cdd0d57
.spotify.com/ Name: sp_landing
Value: https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fiframe-api%2Fv1%3Fsp_cid%3D3ef81c1ceda4e660e1367fb32cdd0d57%26device%3Ddesktop
.scorecardresearch.com/ Name: UID
Value: 145ca1a14dbd690ba2d969c1686929728
.dicio.com.br/ Name: _ga_J39WVELZST
Value: GS1.1.1686929728.1.0.1686929728.60.0.0
www.dicio.com.br/ Name: _lr_geo_location
Value: CA
.openx.net/ Name: i
Value: 70766ab9-8f35-4714-9885-4aef3f6b257a|1686929729
.criteo.com/ Name: uid
Value: 2dc7e71b-b0c2-4ff3-9039-082a0ff07788
.dicio.com.br/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.dicio.com.br/ Name: _ga
Value: GA1.3.350313747.1686929729
.dicio.com.br/ Name: _gid
Value: GA1.3.1136156445.1686929730
.dicio.com.br/ Name: _gat
Value: 1
.dicio.com.br/ Name: _gat_UA-10605777-8
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 63769bac646640eacbce3129aa2dd85d
.dicio.com.br/ Name: _cc_id
Value: 63769bac646640eacbce3129aa2dd85d
.dicio.com.br/ Name: panoramaId_expiry
Value: 1687534529644
.dicio.com.br/ Name: panoramaId
Value: db92a58913de456b15f849a0456216d5393824a8696974b0d63620e173e0bbfd
.dicio.com.br/ Name: panoramaIdType
Value: panoIndiv
.amazon-adsystem.com/ Name: ad-id
Value: A34bSiYw_EgcjAPK9saAV3U
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBEGBjGQCEGYmaH-Su2TcdIIMQSq1k9wFEgEBAQHSjWSWZAAAAAAA_eMAAA&S=AQAAAo4vMermpbNvK9jSB_eBNcU
.adsrvr.org/ Name: TDID
Value: 0fd146a2-2ce7-4bf7-884c-487b3aa91b71
.doubleclick.net/ Name: IDE
Value: AHWqTUlnE5NbWseI3RvSevmhMLEaxu84wnA_pSoiiLkk3Hk5tZ853oFHAjRHQJuNNis
.openx.net/ Name: univ_id
Value: 537072971|0fd146a2-2ce7-4bf7-884c-487b3aa91b71|1686929730081262
.360yield.com/ Name: tuuid
Value: 81322635-d407-41c6-90b3-06c576eb4a0a
.360yield.com/ Name: tuuid_lu
Value: 1686929730
.smartadserver.com/ Name: pid
Value: 9195223259748919252
.gumgum.com/ Name: vst
Value: u_010554f4-f22b-48bb-aa7d-dd1df78f257a
.simpli.fi/ Name: suid
Value: B1419C921A984094910AFB59BC53B6E3
.zemanta.com/ Name: zuid
Value: NlEeHRMbmPui4ApJw2rW
.bidswitch.net/ Name: tuuid
Value: bb6b4e3f-4d9a-4ab2-b007-b89982032e12
.bidswitch.net/ Name: c
Value: 1686929730
.bidswitch.net/ Name: tuuid_lu
Value: 1686929730
.media.net/ Name: visitor-id
Value: 3299313301455264000V10
.bidr.io/ Name: bito
Value: AADU507JGQMAACEM6-pGFA
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMID
Value: ZIyBQpGLLvl3l6QCbO.IfgAA
.casalemedia.com/ Name: CMPS
Value: 470
.casalemedia.com/ Name: CMPRO
Value: 470
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZIyBQgAAPUaJFQAz
.contextweb.com/ Name: V
Value: 4PN9fuFh8ZXL
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7750d8bc92c3bc7a
.outbrain.com/ Name: obuid
Value: 2ac8e1a2-072e-49cd-a883-40ce6d4d9694
.technoratimedia.com/ Name: tads_uidp_88
Value: 700611844226177276000
.technoratimedia.com/ Name: tads_uidp_44
Value: LIYLFL6Z-9-J91S
.technoratimedia.com/ Name: tads_uidp_77
Value: wI2zF8wT0GudJ27NcQN-L_VBvOfjKMuwTkL8oyUvMLs
.technoratimedia.com/ Name: tads_uidp_45
Value: BAD6476E-515C-40EF-942D-693B9AD99B7D
.technoratimedia.com/ Name: tads_uidp_46
Value: 2499707662062097629
.technoratimedia.com/ Name: tads_uidp_79
Value: 870c21ff-22e0-4127-9989-ec0d7e35dd98
.technoratimedia.com/ Name: tads_uidp_37
Value: 744fcf27-db63-3d3d-acec-79cec850c76d
.technoratimedia.com/ Name: tads_uidp_48
Value: 6874849b-3fd0-4e9b-b325-f1e40975cd78
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAH4whJ3Xg_DAMRgCtUAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: 6ec16429-d50c-4e4e-a3c7-d2ccb1c27929
.technoratimedia.com/ Name: tads_uidp_80
Value: y-nWOkl31E2uFK0rZOQFCs.FWE2YvpF1.P~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZIxgoB8v7pXIdq1iT.l-JgAA&3875
.technoratimedia.com/ Name: tads_uidp_50
Value: 489d4c2c-6bf2-472b-9cd8-5c4efe32e288
.technoratimedia.com/ Name: tads_uidp_61
Value: 212187031798058
.technoratimedia.com/ Name: tads_uidp_62
Value: 3299229771455327000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: 55hNOfLHLKK-hfTSrCGQ9pkWEMTaZqZC
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-f2f6bbbc-719b-4723-b776-1560f78bc287-005
.technoratimedia.com/ Name: tads_uid
Value: 568200899A48499D9AF846BF5A46F6A4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331110957+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adnxs.com/ Name: uuid2
Value: 7868782405983581932
.lijit.com/ Name: ljt_reader
Value: G03niPZH5lRXKpa0QfmyLxxR
.deepintent.com/ Name: CDIUSER
Value: di_ab31e695ed944bb18bfef
.ipredictive.com/ Name: cu
Value: 05397481-14be-41e5-b894-0f13dbdb9e9d|1686929730375
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4263f094-4c93-5e85-50c1-1c0d9b792ac7.6veRiwMdvX1eLcDKh3Jx5CkLvKtYSAw3pMxIhVgpop8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AQmPwlEyTXoVQwRwNm3kqx5U4mbg.tv35rrHUS9W%2BVxBgR8UpBvc5WgXFKoaeeRRWVDgjG0s
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AQmPwlEyTXoVQwRwNm3kqx5U4mbg.tv35rrHUS9W%2BVxBgR8UpBvc5WgXFKoaeeRRWVDgjG0s
.turn.com/ Name: uid
Value: 2359921639606788299
.mathtag.com/ Name: uuid
Value: 2e5f648c-8142-4e00-a92d-af87705ce1c9
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
.admanmedia.com/ Name: admtr
Value: e9cd9076-54b0-4888-91dc-53262d48b930
.admanmedia.com/ Name: ac_r
Value: CS71
.rubiconproject.com/ Name: khaos
Value: LIYQEMLE-B-GF3X
.bluekai.com/ Name: bku
Value: ikG99WvOMsugrLDs
.pswec.com/ Name: tuuid
Value: 316e038e-a60e-4413-b36d-47b1f4d6b6ff
.pswec.com/ Name: c
Value: 1686929730
.pswec.com/ Name: tuuid_lu
Value: 1686929730
.demdex.net/ Name: demdex
Value: 46351787696967025100266956809089821160
.mfadsrvr.com/ Name: tuuid
Value: 6c8b0ba5-a158-47ce-9300-413aabcb94d3
.mfadsrvr.com/ Name: c
Value: 1686929730
.mfadsrvr.com/ Name: tuuid_lu
Value: 1686929730
.dpm.demdex.net/ Name: dpm
Value: 46351787696967025100266956809089821160
.creativecdn.com/ Name: u
Value: X6eQx8cX9MYIG3v0sS6B
.creativecdn.com/ Name: ts
Value: 1686929730
.pippio.com/ Name: did
Value: NdRe70BTx9NbhyyX
.pippio.com/ Name: didts
Value: 1686929730
.pippio.com/ Name: nnls
Value:
.3lift.com/ Name: tluid
Value: 4184420296987606615158
.tapad.com/ Name: TapAd_TS
Value: 1686929730856
.tapad.com/ Name: TapAd_DID
Value: 505f9bb7-9de0-40b4-bcc3-f0f89cb3da49
.bing.com/ Name: MUID
Value: 2F0E8CB093976AEC0F079F8292AC6B48
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2359921639606788299&KRTB&23150-2359921639606788299
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0fd146a2-2ce7-4bf7-884c-487b3aa91b71&KRTB&22918-0fd146a2-2ce7-4bf7-884c-487b3aa91b71&KRTB&23031-0fd146a2-2ce7-4bf7-884c-487b3aa91b71
.thrtle.com/ Name: mc
Value: eyJpZCI6IjFhYzRhZjBiLTcyNTgtNDllYS04ZWIyLTE0MzEzMTI0N2YyMCIsImwiOjE2ODY5Mjk3MzEwMTQsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKtm7HLZ6JZJF-T_kClkVVg&KRTB&16514-CAESEKtm7HLZ6JZJF-T_kClkVVg&KRTB&23025-CAESEKtm7HLZ6JZJF-T_kClkVVg&KRTB&23386-CAESEKtm7HLZ6JZJF-T_kClkVVg
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:B1419C921A984094910AFB59BC53B6E3&KRTB&23489-uid:B1419C921A984094910AFB59BC53B6E3
.pippio.com/ Name: pxrc
Value: CMOCsqQGEgQIAhAAEgYI7OsBEAA=
.socdm.com/ Name: SOC
Value: ZIyBQsCo8YQAAMZzhOkAAAAA
.linksynergy.com/ Name: rmuid
Value: a307ce15-de30-4cfd-b22e-2084afc93b74
.linksynergy.com/ Name: icts
Value: 2023-06-16T15:35:31Z
.linkedin.com/ Name: bcookie
Value: "v=2&1a5877a1-7c7c-4432-8076-bedf661dbe79"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2927:u=1:x=1:i=1686929731:t=1687016131:v=2:sig=AQFeiboDiNNa0hcd7wGLlxPJZjhMzhPj"
.dicio.com.br/ Name: __gads
Value: ID=887a22356f4691fa:T=1686929729:RT=1686929729:S=ALNI_MbclC-tsaYAwl371AcPmAqVPlEmcA
.dicio.com.br/ Name: __gpi
Value: UID=00000c4fd70ac71a:T=1686929729:RT=1686929729:S=ALNI_MYzJxb6VsoDdpe_DxHR0Skky_hFfQ
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.richaudience.com/ Name: pdid
Value: edf39634-495a-42b3-acef-0zz1686929731
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=638225265320755768&o=1
.smartadserver.com/ Name: vs
Value: 555020=5498855&272441=5498855
.mfadsrvr.com/ Name: bsw_ca
Value: 2,1686929732
.lkqd.net/ Name: lkqdid
Value: _mjRPXqcXcU
.lkqd.net/ Name: lkqdidts
Value: 1686929732
.lkqd.net/ Name: sr59
Value: 1|CAESEB5Ku6Iasf--2BQ_U300KDY|1686929732
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HbXv['iC!1yIE`fS1ueD1W-044)d+]Ug[qZdBd+EWa.WNcXwr$iSxV5CVz1@+*xim7TJP(hw9P-HC_#ttp?)wQ%6
.teads.tv/ Name: tt_viewer
Value: 99bd3558-cf79-49a1-8776-3905d9faf1cc
.spotxchange.com/ Name: audience
Value: 6ec14886-0c5b-11ee-970b-1cc82ed80303
.bfmio.com/ Name: __187_cid
Value: 9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
.bfmio.com/ Name: __io_cid
Value: fbc240bc08ed38f666ed581a0bfb7865dc512d09
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_ab31e695ed944bb18bfef
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzMDMyNbewMDYwNzS0NDa3EOIz1I2szHb1dK_MqLIIyQEATe2OeSQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzMDMyNbewMDYwNzS0NDa3EOIz1I2szHb1dK_MqLIIyQEATe2OeSQAAAA
.kargo.com/ Name: ktcid
Value: 54400541-7e15-017b-5782-3abe21a154d3
.go.sonobi.com/ Name: __uis
Value: c8bca416-9819-4d74-acf4-00ac86ff7171
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-05397481-14be-41e5-b894-0f13dbdb9e9d&KRTB&23011-05397481-14be-41e5-b894-0f13dbdb9e9d&KRTB&23355-05397481-14be-41e5-b894-0f13dbdb9e9d
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&KRTB&16736-uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&KRTB&23019-uid:2e5f648c-8142-4e00-a92d-af87705ce1c9&KRTB&23114-uid:2e5f648c-8142-4e00-a92d-af87705ce1c9
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7868782405983581932&KRTB&23339-7868782405983581932
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968625788307119378
.creative-serving.com/ Name: tuuid
Value: a2b663fd-5339-4be2-a1d7-6bc82ec05109
.creative-serving.com/ Name: c
Value: 1686929735
.creative-serving.com/ Name: tuuid_lu
Value: 1686929735
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMtwV-0Pnn3ANrceMNAAAAAAA&KRTB&22713-AAAMtwV-0Pnn3ANrceMNAAAAAAA&KRTB&22715-AAAMtwV-0Pnn3ANrceMNAAAAAAA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1l6y|7bq.0.1|7dN.0.AADU507JGQMAACEM6-pGFA|7dW.0.1
.yandex.ru/ Name: yuidss
Value: 6949778631686929735
.yandex.ru/ Name: yandexuid
Value: 6949778631686929735
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADU507JGQMAACEM6-pGFA
.send.microad.jp/ Name: TR
Value: b5749b107bfa861e557aeb4958cff3115537d97c2c50ce7c
.quantserve.com/ Name: mc
Value: 648c8147-9ed27-a2687-506f0
.adotmob.com/ Name: uid
Value: 0935220407a759e15bab9db9
.adotmob.com/ Name: uuid
Value: 0935220407a759e15bab9db9
.adotmob.com/ Name: partners
Value: SMA%3A1686929735697
.smaato.net/ Name: SCM
Value: 3b93ea6e
.smaato.net/ Name: SCMsas
Value: 3b93ea6e
.rqtrk.eu/ Name: browser_id
Value: 1:a3452d5e-2c84-4ea0-a642-1e6cf47e3d9a
.csync.loopme.me/ Name: viewer_token
Value: a425a098-1bfe-4b7f-a07b-d43deddfff0a
.sitescout.com/ Name: ssi
Value: 1881492b-4c40-4c16-9688-159f0de113d4#1686929735927
.linkedin.com/ Name: li_sugr
Value: 28eab6c3-c69a-48f7-bc8c-f0b8b82b06e4
.blismedia.com/ Name: b
Value: 648C81483D38189FC8FCFE9FBLIS
.acuityplatform.com/ Name: auid
Value: 791276946469
match.sharethrough.com/ Name: AWSALBCORS
Value: uXYqrxCg8fxywox/xhsVidc6PGOniK1k5K5EHJOS84JJYha/le+Gg1ER3ikVFOl0vv6lYoLRRkNTSAMW3zYsUAexbicRuBGKid/7y8vfE6gTQZiIXWfUSkgiKy0c
.sharethrough.com/ Name: stx_user_id
Value: e5e56fc8-f8c3-494f-ac77-427b723826f0
.server.cpmstar.com/ Name: USER_ID
Value: %c6h%03%f3%97d%ea%e5y%f0%04%a2%b2%a1%d3
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 72c3717f-b617-4d42-b055-11bad514223e
.audrte.com/ Name: arcki2
Value: cf6HRk0Cn5kSoKeBszex24Ukg!20220908!1686929736659!ip#149.56.153.184
.company-target.com/ Name: tuuid
Value: 276bcaeb-211e-46bb-8f28-7eca6b2ccfca
.lijit.com/ Name: ljtrtbexp
Value: eJxdjz0awCAIQ%2B%2Fi7CAiP%2BnV%2BvXutdVBGB8kJNwFVi5Sd2Iway2qkfuBrRajuB4c2ZbdhId8DOwAa6S0Jx49lCK9pQzEDs6JR%2FLLwTI5v5Q6u8V7svoprOPXa2I7fpx69HgPoc%2FzAivVRpo%3D
.id5-sync.com/ Name: id5
Value: c00b781b-0350-7ff1-b19d-be5e59ed18d7#1686929729898#2
.id5-sync.com/ Name: callback
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7245308046810806417
.adform.net/ Name: C
Value: 1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnXwXCGZ_8BXcHJ1eD9HA45Q61JLuOOTppCAu6rH_N5x5UZPZQJmr2UsHyIpQC4TM1
.bluekai.com/ Name: bkdc
Value: phx
.media6degrees.com/ Name: clid
Value: 2rwcrbc01170xyj6ognk9nx9000000014n010o01601
.media6degrees.com/ Name: acs
Value: 012020k1rwcrbcxzt10
.brand-display.com/ Name: _knxq_
Value: 0f8dd1fe-7d5d-8f26-cbe03a57.1686929736.0.1686929736.1686929736
.adgrx.com/ Name: ADGRX_UID
Value: 70ddfbea-0c5b-11ee-829c-b199bfe3b49c
.liadm.com/ Name: lidid
Value: 9213b7dc-e58a-472d-b246-e2ea5a9472b2
.adstanding.com/ Name: _adstanding_id
Value: c60f4c52841cf4875c3a9faa17934494
.adform.net/ Name: uid
Value: 7257672098865546847
.agkn.com/ Name: ab
Value: 0001%3AFgdxOUg3KIqqUVYjAvmxhatSVtlTai4X
pool.admedo.com/ Name: tuuid
Value: e2cac44d-48c6-4b3a-8fe4-05392569dd6b
pool.admedo.com/ Name: c
Value: 1686929737
pool.admedo.com/ Name: tuuid_lu
Value: 1686929737
.pubmatic.com/ Name: SyncRTB3
Value: 1687478400%3A38_15_2_223%7C1689465600%3A224%7C1687737600%3A63%7C1688169600%3A35%7C1692057600%3A69%7C1688083200%3A178_48_71_239_7_22_5_214_204_81_220_233_165_56_249_21_54_46_166_240_176_99_3_13_8_55_234_96_243_104_250_238_231
.mookie1.com/ Name: id
Value: 10598377302679827463
.mookie1.com/ Name: mdata
Value: 1|10598377302679827463|1686929737306
.mookie1.com/ Name: ov
Value: 6dbacbedaae50d2dafdcbcbcfc4ca55a
.w55c.net/ Name: wfivefivec
Value: qJTDG1a51Qabu95
.eqads.com/ Name: EQUser
Value: UID=0e185734-fd32-4ea3-9fca-2ca5e938dcca
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005%22%7D
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.audrte.com/ Name: arcki2_ddp2
Value: cf6HRk0Cn5kSoKeBszex24Ukg!20220908!1686929737509
.openx.net/ Name: pd
Value: v2|1686929729.7.1|iKbwvPvMgahEgKkWg2gy.g6wvmmfYn8uYwtmKvJeSwrcsf8vuoqvRwike.hMs7vVvshAlwvZnovDf4vEvU
.w55c.net/ Name: matchopenx
Value: 5
.mookie1.com/ Name: syncdata_IOW
Value: 1
.nrich.ai/ Name: _nauid
Value: b1e30950-dec4-41f2-a0bb-8189deea1c8d
.ctnsnet.com/ Name: cid
Value: f7f05902823d4015be08a20cdbf5ce94
.company-target.com/ Name: tuuid_lu
Value: 1686929738|ix:0
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220230616%22%2C%22113%22%3A%2220230616%22%7D
.w55c.net/ Name: matchcasale
Value: 5
.media.net/ Name: data-o
Value: 6bf63c7f-8db2-4203-a11c-fc69e9a3845b~~3
.audrte.com/ Name: arcki2_adform
Value: 7257672098865546847!20220908!1686929738417
.adhaven.com/ Name: uid
Value: 4c_a5d78291-c900-41d3-8719-58de46375dc1
.quantserve.com/ Name: d
Value: EAgBIgGfKfijCJiTCuu4EJ9AqPoQ
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk&KRTB&19420-1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk&KRTB&22979-1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk&KRTB&23462-1edx0tvifYbO6izV0eRk0NHlcYbO5nmHheNOytYk
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjf6jXVzZXJNYXRjaGluZ0lkJLaRbGFzdERyb3BUaW1lTWlsbGlzJQFEMRsQK6qYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBRDEbECuqj3RoaXJkUGFydHlVc2VySWRXRzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS+4EyMvpCJKxDJQFEMRsQS55EJQFEMRsQS55FY2RkM2ExODVkLThhMzUtNGVmOS05ODlkLTY4OWFlYmU4MmU4MPuANvpCzEMlAUQxGxBctkQlAUQxGxBctkUh+/uGdmVyc2lvbsL7
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-70ddfbea-0c5b-11ee-829c-b199bfe3b49c&KRTB&23275-70ddfbea-0c5b-11ee-829c-b199bfe3b49c
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-QmPwlEyTXoVQwRwNm3kqx5U4mbg&KRTB&23334-QmPwlEyTXoVQwRwNm3kqx5U4mbg&KRTB&23417-QmPwlEyTXoVQwRwNm3kqx5U4mbg&KRTB&23426-QmPwlEyTXoVQwRwNm3kqx5U4mbg
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:qJTDG1a51Qabu95&KRTB&23421-uid:qJTDG1a51Qabu95
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-72c3717f-b617-4d42-b055-11bad514223e&KRTB&23340-72c3717f-b617-4d42-b055-11bad514223e&KRTB&23498-72c3717f-b617-4d42-b055-11bad514223e
.owneriq.net/ Name: oxc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-791276946469&KRTB&23428-791276946469
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4NjkyOTczODczMSwiMjQiOjE2ODY5Mjk3MzgyMDUsIjQ4IjoxNjg2OTI5NzM3NTYwLCIzOSI6MTY4NjkyOTczNjIwOSwiMTciOjE2ODY5Mjk3MzY3OTEsIjciOjE2ODY5Mjk3MzYyMDl9
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 19ErFj26PgmhDCbtXoJQTpYRonDZH57Eg8CLQSuAFd041YklIHQp1vfj8byj59XERxgI3J6VwjQmgdEb7UNXZYOBTAMtTAhAmk6cShSqsyQ%3D
ads.playground.xyz/ Name: connect.sid
Value: s%3A4ay2N2ybkWeIFS4qCKR2UkFwBq-6Trle.ZHDX%2BF2vWbjpckn%2BmJeOSrIzP%2Fswl8xyZ4N2oHkbPE0
.advertising.com/ Name: A3
Value: d=AQABBEqBjGQCEDxlQVFbd7q9YonbJnx0GiIFEgEBAQHSjWSWZCXcxyMA_eMAAA&S=AQAAAmRR1FbxTqTu2cse4dzy1os
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&KRTB&23413-9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246&KRTB&23479-9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246
.mxptint.net/ Name: mxpim
Value: R33646_1045D5232_63F18A3A.1.0000000000000000648C814A0000000000000000648C8148
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005&KRTB&17107-RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005
.id5-sync.com/ Name: 3pi
Value: 102#1686929737778#-445863822|264#1686929738891#761721315#0fd146a2-2ce7-4bf7-884c-487b3aa91b71
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.tribalfusion.com/ Name: ANON_ID
Value: a6ny7aMZaAC7pqGpS72sysZdZcFv6PZb9eeMvnStMTod4GRXFo3tZbZdTtavZadMZdW7sZb0pecqRNPpucsbmVRBbhjDoAsWgQvZcpCRBxBERRmqNZdDZblZaY3H1fpkIsn1YNpwZbUskP37FsU5bsvZcuH7pf6jGWW
.smartadserver.com/ Name: csync
Value: 31:bb6b4e3f-4d9a-4ab2-b007-b89982032e12|49:7245308046810806417|66:0935220407a759e15bab9db9|76:CAESEElYJkycfc_dJwkomjDOcgw|79:2dc7e71b-b0c2-4ff3-9039-082a0ff07788|86:7868782405983581932|91:9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246|92:4PN9fuFh8ZXL|100:b653c218-b770-478f-85c1-3c3b7d5fcd41|116:NlEeHRMbmPui4ApJw2rW|124:a425a098-1bfe-4b7f-a07b-d43deddfff0a|127:AADU507JGQMAACEM6-pGFA|134:OB_OK|141:cf6HRk0Cn5kSoKeBszex24Ukg|147:e5e56fc8-f8c3-494f-ac77-427b723826f0
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7402161381508317360P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7257672098865546847&KRTB&23263-7257672098865546847&KRTB&23481-7257672098865546847
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341&KRTB&23418-1881492b-4c40-4c16-9688-159f0de113d4-648c8147-4341
.richaudience.com/ Name: avcid-apn-uid
Value: 7868782405983581932
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_1045D5232_63F18A3A&KRTB&23092-R33646_1045D5232_63F18A3A
.richaudience.com/ Name: avcid-bsx-uid
Value: AADU507JGQMAACEM6-pGFA
.adsby.bidtheatre.com/ Name: __kuid
Value: fdf26f3f-e4c8-431b-918b-1bd66ba6ecf2.456143739
.richaudience.com/ Name: avcid-ttd-uid
Value: 0fd146a2-2ce7-4bf7-884c-487b3aa91b71
.richaudience.com/ Name: avcid-yho-uid
Value: y-h6oDHolE2uEKi0eMqoKCtbI33_dPGmCPxfnBZ.E-~A
.audrte.com/ Name: arcki2_smart
Value: 9195223259748919252!20220908!1686929739391
.inmobi.com/ Name: idsp_c
Value: 99c0a2ba-c407-4d71-a929-c4a35950d27a
.c.appier.net/ Name: _auid
Value: mmXYKf62ARWWNDIrS4GMZA
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-mmXYKf62ARWWNDIrS4GMZA
.pubmatic.com/ Name: DPSync3
Value: 1687478400%3A252_253_248_164%7C1687910400%3A257%7C1688083200%3A235_201_236_255_260_259_261_197_263_219_258_226_228_245_256_262
.adkernel.com/ Name: ADKUID
Value: A652393035817929802
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A652393035817929802
.richaudience.com/ Name: avcid-bsw-uid
Value: bb6b4e3f-4d9a-4ab2-b007-b89982032e12
.richaudience.com/ Name: avcid-adf-uid
Value: 7257672098865546847
.semasio.net/ Name: SEUNCY
Value: 21C454EC37059F19
.rlcdn.com/ Name: pxrc
Value: CMKCsqQGEgUI6AcQABIFCOhHEAASBgi66gEQChIGCLjrARAI
.audrte.com/ Name: arcki2_pubmatic
Value: 9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246!20220908!1686929740311
io.narrative.io/ Name: io.narrative.guid.v2
Value: 730552b0-0c5b-11ee-a591-0a3986670f6f
.onaudience.com/ Name: cookie
Value: 88723e8e639d23b9
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-bb6b4e3f-4d9a-4ab2-b007-b89982032e12
.pubmatic.com/ Name: PugT
Value: 1686929740
.lijit.com/ Name: ljtrtb
Value: eJyNkkFvFDEMhf%2FLnrFkJ05i9zYzm1kVdoHttmjLBU0yGVX0goqokBD%2FHYczBy6RYn3PzvPLr12Mu5tdUnIpKkeOunuzC2I1HaYhYFZIwxCBNTsY9jRDdop5HnN2HI11XV9KLNz8BrzqArwUBwUxQRFVcehdI2csdZZEiNUV4MpoB0XQKAIUdMO1EfmVIbJUwxKwZzIlqyn543vdfsxP8vl67JOT1XBbiePiwNVmdNkSiHAFllT8siiV1PXO0JGYdFJHgwqjshIO8xh0nIIfY%2FaGCRp3vH0859MxwwiH2V%2BtrF2eJEoSxxhUfBBS3y1Z9%2F9elfh%2Fd2crm%2BHJDIvfeyHReZJ5mrPO4%2FH20qWdqTeetPll01jXVFtzbq242UuIbA%2B%2BtE4GI4dh%2FxAwvT2cT8Mw5VOEb4d56LP6zu6u4CIW3twGJamCpW5ZsUXXGH2yLFeVBoihN%2ByhXWM7%2F5R61dPj7cG%2F4vdLHHss3dEFy9eX%2FGmfvjydLym%2B3OPVvTxrZrvfwWs44LsPs3947tvqvermWYpDqBVtW641kNA28LyQ89vqdP07tz81VilYlgALBQE206Ae7duQhVtqUV797vcfzV%2Bplg%3D%3D
.rlcdn.com/ Name: rlas3
Value: KpK+KN4eqbTCDkHAgoquliI9kL/B0JqcUjolYOLNSvo=
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1686951341211
.exelator.com/ Name: EE
Value: "4ec1a240fec5b88db6be9a8402e11d6e"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEkNdkw0cjEIC012TTJwiIlySwp1TLRwsTAKNXQMMUsdXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQZEl%252BUWb6ImfHxUUpaQyLSopPBR9JygUA0jgqqw%253D%253D"
.onaudience.com/ Name: done_redirects252
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.onaudience.com/ Name: done_redirects282
Value: 1
www.clarity.ms/ Name: CLID
Value: 81b9fcffc8894123a323e686be93bac9.20230616.20240615
.hhkld.com/ Name: uid
Value: jV7KsGSMgU4DFdRI4iaAAg==
.dicio.com.br/ Name: _gat_czmb
Value: 1
.dicio.com.br/ Name: _clck
Value: zolmgt|2|fci|0|1262
.c.bing.com/ Name: SRM_B
Value: 2F0E8CB093976AEC0F079F8292AC6B48
.cazamba.com/ Name: uid
Value: 648c814f08d47
.cazamba.com/ Name: visits:1685577600:2071
Value: 1
.cazamba.com/ Name: _czu_1_1685577600
Value: 1
.cazamba.com/ Name: _czu_2071_1685577600
Value: 1
.cazamba.com/ Name: lastPub
Value: 2071
.cazamba.com/ Name: synced
Value: 1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F0E8CB093976AEC0F079F8292AC6B48
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.dicio.com.br/ Name: _clsk
Value: 3b9fl|1686929743818|1|0|y.clarity.ms/collect
amer.hhkld.com/ Name: sync6
Value: %7B%22pubm%22%3A%5B1%2C1686929743%5D%2C%22one%22%3A%5B1%2C1686929743%5D%2C%22indexww3%22%3A%5B1%2C1686929743%5D%2C%22improve%22%3A%5B1%2C1686929743%5D%2C%22nmill%22%3A%5B1%2C1686929743%5D%2C%22sovrn%22%3A%5B1%2C1686929743%5D%2C%22between%22%3A%5B1%2C1686929743%5D%2C%22richau%22%3A%5B1%2C1686929743%5D%2C%22frwhee%22%3A%5B1%2C1686929743%5D%7D
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_fd97dde4-d0be-4255-bd2b-a3f439938b31
.33across.com/ Name: 33x_ps
Value: u%3D212187031499720%3As1%3D1686929744051%3Ats%3D1686929744051
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 390b2ebc-ea19-52a7-bbfd-32fcdf71b3ac
.betweendigital.com/ Name: ss
Value: 1
.a-mo.net/ Name: amuid2
Value: 93fed4af-5152-47ef-a11a-60faf652f29e
.prebid.a-mo.net/ Name: sd_amuid2
Value: 93fed4af-5152-47ef-a11a-60faf652f29e
.tynt.com/ Name: uid
Value: DdDiN2SMgVBHDyI/N9DAaQ==
.taboola.com/ Name: t_gid
Value: 0b1c547c-78c1-45ca-9998-35342ea02e2e-tuctb8606d0
.colossusssp.com/ Name: gtm_usr
Value: 13d8fff3-4f4a-4896-bf4a-d58ac307708f
.colossusssp.com/ Name: lmg_r
Value: 11
.navdmp.com/ Name: ac3
Value: 1
.betweendigital.com/ Name: ut
Value: ZIyBUAADJLC5fCDt5fGLGMSEwRbokLzETtn6fA==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1686929744280%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1686929744280%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1686929744280%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1686929744280%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1686929744280%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1686929744280%7D%5D
.navdmp.com/ Name: nid
Value: 12dd2e0f13bf8e33d1f45db7d710|1|196
cookies.nextmillmedia.com/ Name: syncedBidders
Value: {"33across":1,"loopme":1,"openx":1,"pubmatic":1}
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFmaWRpbmxiaWqyC4lvbmRi-QuJb2poaLCKBc43MTU1NwEATw1LgEAAAAA
.cazamba.com/ Name: ttdata
Value: _2_1686929745_1
.pubmatic.com/ Name: pi
Value: 158355:3
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~2c93:18yl~2c93:18z8~2c93:175w~2c93:191c~2c93:199z~2c93:190u~2c93:196y~2c93"
pbs.nextmillmedia.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIxODcwMzE0OTk3MjAiLCJleHBpcmVzIjoiMjAyMy0wNi0zMFQxNTozNTo0NS43NDMxNjI0MzRaIn0sIml4Ijp7InVpZCI6IlpJeUJRcEdMTHZsM2w2UUNiTy5JZmdBQSIsImV4cGlyZXMiOiIyMDIzLTA2LTMwVDE1OjM1OjQ0LjI3MDE2ODE2NloifSwibG9vcG1lIjp7InVpZCI6ImE0MjVhMDk4LTFiZmUtNGI3Zi1hMDdiLWQ0M2RlZGRmZmYwYSIsImV4cGlyZXMiOiIyMDIzLTA2LTMwVDE1OjM1OjQ0LjUwMDMxMTI2WiJ9LCJvcGVueCI6eyJ1aWQiOiI5YTA0ZGEyZi05ZjJkLTRiMGEtYTlkZi00MjEyZGExN2Q0MGEiLCJleHBpcmVzIjoiMjAyMy0wNi0zMFQxNTozNTo0NC4wOTY5NTEzNjZaIn0sInJ1Ymljb24iOnsidWlkIjoiTElZUUVNTEUtQi1HRjNYIiwiZXhwaXJlcyI6IjIwMjMtMDYtMzBUMTU6MzU6NDUuMzI1NDgwMzc1WiJ9fSwiYmRheSI6IjIwMjMtMDYtMTZUMTU6MzU6NDQuMDk2OTQ4MjY2WiJ9
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.insurads.com/ Name: ___iat_gid
Value: 004FCD87A9708E5B
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 14
.pubmatic.com/ Name: SPugT
Value: 1686929744
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4023-2!4023
.dicio.com.br/ Name: ___iat_ses
Value: 004FCD87A9708E5B
.dicio.com.br/ Name: ___iat_vis
Value: 004FCD87A9708E5B.a5a5441feb2a2a9dbf46cc8c3be1db25.1686929745926.8340fc644612eab4010084f9403d6a23.UUIMJUAOIA.11111111.1.0
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
www.dicio.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.dicio.com.br/ Name: _pubcid
Value: 92390ee3-df42-4392-aa54-703520122618
www.dicio.com.br/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%220fd146a2-2ce7-4bf7-884c-487b3aa91b71%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-05-16T15%3A35%3A49%22%7D
.dicio.com.br/ Name: cto_bundle
Value: 6uh53F8wZVNMcVRWM29TSzElMkJreHlpT0pLM3pyZEZjTmZZRmdpMHJQJTJCSjA1c0hKOE1yUjBxWmhGYjRscmE1OUNjUkhsRlRNNDNuWEdoWiUyQktoWkl1WWlBSFJKZGNtWDhPJTJGVFJtSks2ZTZRR3VCbm1zeFc0OExpTTdaJTJGS2ZaSzg4MzdvQ1F2V1JWTyUyRmNpTHNQQU41ZnJLU3JtV3clM0QlM0Q
.dicio.com.br/ Name: cto_bidid
Value: mnn2q19Jc1JiQ3NyTTBtSXliUXBFUW12YVZsVHJienVyMGdoRHVKT1VoYVRVMjN3UGVYNGxlSyUyQkZRSVl6VFdDYTI4VGo5dWdLeXFnenlRc0lSeEsyNURia2RaQ0Jrd3o0Z0FTUW1MS3doVlh5T1dRJTNE
.w55c.net/ Name: matchmedianet
Value: 5
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIyI6mmKui9zsQBRIXCghwdWJtYXRpYxILCNTsspqrovc7EAUSFgoHcnViaWNvbhILCK68upyrovc7EAUSFAoFdGFwYWQSCwiUwYieq6L3OxAFEhYKB3N2eDl0NTASCwjAqMTJq6L3OxAFEhYKB2JsdWVrYWkSCwia8ZyNrKL3OxAFGAEgASgCMgsIsrjthMOi9zsQBTgBWgc4bTMzems0YAI.
.go.sonobi.com/ Name: HAPLB8S
Value: s86152|ZIyBW
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1686929750!medianet,1686929750!triplelift,1686929732!sovrn,1686929730
.media.net/ Name: data-c
Value: 2dc7e71b-b0c2-4ff3-9039-082a0ff07788~~1
.media.net/ Name: data-c-ts
Value: 1686929750
.media.net/ Name: data-rk
Value: 968625788307119378~~8
.media.net/ Name: data-xu
Value: qJTDG1a51Qabu95~~8
.media.net/ Name: data-mf
Value: 6c8b0ba5-a158-47ce-9300-413aabcb94d3~~1
.media.net/ Name: data-ttd
Value: 0fd146a2-2ce7-4bf7-884c-487b3aa91b71~~1
.media.net/ Name: data-g
Value: CAESEK-LngOrBPwaVSFJlRvUNCM~~8
.media.net/ Name: data-so
Value: c8bca416-9819-4d74-acf4-00ac86ff7171~~8
.media.net/ Name: data-pba
Value: 9ACA50E9-7AA6-49E2-AD1F-E290EFBEE246~~8
.media.net/ Name: data-bs
Value: bb6b4e3f-4d9a-4ab2-b007-b89982032e12~~1
.media.net/ Name: data-r
Value: LIYQEMLE-B-GF3X~~1
.dotomi.com/ Name: DotomiTest
Value: 7c785bdf30f22171
.rubiconproject.com/ Name: audit
Value: 1|vr7xR3mi50FFn99/vOB7R+xr/u6Posoxm8YIM3of98/WaDs14xzbSFIG3Ke5mizMQDq7FD+fL6ciZ07GJqnMno4BjqNRGrmz
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005%22%7D
.media.net/ Name: data-rbh
Value: X6eQx8cX9MYIG3v0sS6B~~1
.media.net/ Name: data-co
Value: AAAMtwV-0PnsEgM47SSRAAAAAAA~~35
.media.net/ Name: data-r1
Value: RX-260b4f2f-b799-4697-b49a-e40376b4d98e-005~~35

58 Console Messages

Source Level URL
Text
other warning URL: https://www.dicio.com.br/(Line 480)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript warning URL: https://open.spotifycdn.com/cdn/build/embed/embed.40dfd0db.js
Message:
It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: https://z.moatads.com/triplelift879988051105/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Message:
The resource https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
worker error URL: blob:https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/d1ac3254-cdbd-4074-8da5-d1d65d22b5fe
Message:
Mixed Content: The page at 'blob:https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/d1ac3254-cdbd-4074-8da5-d1d65d22b5fe' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/d1ac3254-cdbd-4074-8da5-d1d65d22b5fe
Message:
Mixed Content: The page at 'blob:https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com/d1ac3254-cdbd-4074-8da5-d1d65d22b5fe' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cs.iqzone.com/e9d4ff858b5e32317e843f5ed11b2659.gif?puid=u_010554f4-f22b-48bb-aa7d-dd1df78f257a&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diqz
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://open.spotify.com/embed/show/1wqXAwYjxvnkJBLueeojy0?utm_source=generator
Message:
The resource https://open.spotifycdn.com/cdn/fonts/spoticon_regular_2.d728648c.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RzAzbmlQWkg1bFJYS3BhMFFmbXlMeHhS&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F6%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 504 (Gateway Timeout)
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.hhkld.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hde.tynt.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ssum-sec.casalemedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cookies.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pbs.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://open.spotify.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.dicio.com.br').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.dicio.com.br').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://nucleads.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://as.cazamba.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cookies.nextmillmedia.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://sync.richaudience.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://imasdk.googleapis.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.dicio.com.br').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
network error URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cookies.nextmillmedia.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16ec5394fb8870c8c1eb1d77af64931c.safeframe.googlesyndication.com
33across-match.dotomi.com
6ab820b3f02fddc067fce855978984b0.safeframe.googlesyndication.com
7gra.us
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
aid.send.microad.jp
ajax.googleapis.com
amazon-tam-match.dotomi.com
amer.hhkld.com
ampcid.google.ca
ampcid.google.com
an.yandex.ru
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api.cazamba.com
apresolve.spotify.com
as.cazamba.com
assets.a-mo.net
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-iad2.rubiconproject.com
beacon.lynx.cognitivlabs.com
beb97fdf19453c211229eb353c71783e.safeframe.googlesyndication.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bpi.rtactivate.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c21lg-d.media.net
casale-match.dotomi.com
cdn.7gra.us
cdn.cazamba.com
cdn.id5-sync.com
cdn.indexww.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.prod.uidapi.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.iqzone.com
cs.lkqd.net
cs.media.net
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.t.tailtarget.com
d.tailtarget.com
d31otfhas71ais.cloudfront.net
data.adsrvr.org
de.tynt.com
de9a11s35xj3d.cloudfront.net
dicio.com.br
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
encore.scdn.co
esp.rtbhouse.com
eu-u.openx.net
eu.7gra.us
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
gcdn.2mdn.net
geo.moatads.com
geo.privacymanager.io
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gue1-spclient.spotify.com
gum.criteo.com
hb.adpone.com
hblg.media.net
hbopenbid.pubmatic.com
hde.tynt.com
hhkld.com
htlb.casalemedia.com
i.liadm.com
i.scdn.co
i.w55c.net
i6.liadm.com
ib.3lift.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
io.narrative.io
ipac.ctnsnet.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lg3.media.net
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
medianet-match.dotomi.com
mug.criteo.com
mweb.ck.inmobi.com
nucleads.com
o22381.ingest.sentry.io
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
open.spotify.com
open.spotifycdn.com
openx-ums.acuityplatform.com
openx.adhaven.com
openx2-match.dotomi.com
oxp.mxptint.net
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pbs.nextmillmedia.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
r.casalemedia.com
r4---sn-t0a7lnee.c.2mdn.net
rtb-csync.smartadserver.com
rtb-use.mfadsrvr.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.marketiq.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.update.3lift.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
server.cpmstar.com
services.insurads.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.dicio.com.br
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.hhkld.com
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
sync2.navdmp.com
synchroscript.deliveryengine.adswizz.com
t.pswec.com
t.pubmatic.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.navdmp.com
warp.media.net
wt.rqtrk.eu
www.clarity.ms
www.dicio.com.br
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
y.clarity.ms
z.moatads.com
csi.gstatic.com
100.25.122.4
104.102.111.7
104.18.10.47
104.18.11.47
104.18.24.185
104.211.35.148
104.36.115.111
104.36.115.113
107.178.254.65
107.22.93.74
108.138.128.46
108.139.29.114
124.146.215.42
13.225.214.87
13.225.63.107
13.35.93.37
13.35.93.51
134.122.57.34
141.226.224.48
141.94.202.176
141.95.98.64
142.251.167.154
143.204.151.99
144.217.229.192
146.20.128.169
146.59.148.16
147.28.129.37
15.235.42.103
151.101.2.49
151.139.128.10
157.90.40.26
158.69.248.161
162.19.138.83
162.248.18.32
162.248.18.34
167.114.102.18
168.119.72.236
169.197.150.8
172.105.199.172
172.217.13.162
172.217.13.98
173.231.178.83
174.137.133.32
174.137.133.49
18.164.107.227
18.206.31.91
18.214.175.210
18.224.253.134
184.24.36.23
185.167.164.49
185.184.8.90
188.42.34.65
192.132.33.46
192.35.249.137
192.40.39.223
195.5.165.20
198.148.27.140
199.127.204.171
199.38.167.130
20.110.205.119
20.85.134.6
202.233.84.1
207.198.113.86
208.115.232.150
209.54.180.76
213.19.162.80
216.200.232.253
216.22.16.4
23.105.12.144
23.105.12.150
23.192.31.127
23.220.188.195
23.220.189.155
23.235.251.213
23.3.115.129
23.39.253.208
23.40.3.193
23.52.160.7
23.52.161.201
23.52.163.93
2404:6800:4004:822::2003
2600:1901:0:524d::
2600:1901:1:b99::
2600:1901:1:c36::
2600:1f18:1c96:4102:4bd7:5264:40b8:b37
2600:1f18:4e9:5a07:6454:8b0d:b7ff:750
2600:1f18:612b:4232:ab07:9ca5:134e:3ac3
2600:1f18:61c0:2204:b3a:1dc3:6e97:b731
2600:1f18:ed:550a:573f:d88c:2bfe:75a9
2600:9000:2140:c200:17:b93b:fa40:21
2600:9000:21da:7600:6:1e88:a100:21
2600:9000:2209:6000:1b:5138:8a40:93a1
2600:9000:2511:a800:a:e047:753:be1
2602:803:c002:200::24
2602:803:c002:200::32
2603:c020:400d:3000:67b7:1059:7283:c690
2604:9e00:1:129::2:a01
2606:4700:10::6816:3456
2606:4700:20::ac43:49e4
2606:4700:3037::ac43:9a47
2606:4700::6810:7caf
2606:4700::6810:ff3
2606:4700::6811:190e
2606:4700::6812:16ea
2606:4700::6812:18ad
2606:4700::6813:9f13
2606:ae80:1451:21::440
2607:f8b0:4004:c09::9b
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::200e
2607:f8b0:4006:816::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:824::2006
2607:f8b0:4006:824::200e
2607:f8b0:4020:2::9
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200a
2607:f8b0:4020:807::200e
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2620:1ec:48:1::40
2620:1ec:c11::200
2a02:6b8::90
2a02:6ea0:c454::1
2a04:4e42:79::760
2a04:4e42:79::763
2a04:4e42::485
3.213.144.48
3.225.218.10
3.226.160.148
3.227.128.167
3.230.35.231
3.233.21.199
3.233.84.12
3.33.220.150
34.102.146.192
34.102.163.6
34.102.185.99
34.102.253.54
34.111.113.62
34.111.151.213
34.117.239.71
34.120.107.143
34.120.195.249
34.120.63.153
34.192.101.54
34.195.62.251
34.200.58.84
34.202.103.121
34.203.16.231
34.225.41.163
34.230.97.77
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.190.39.111
35.190.60.146
35.190.90.30
35.201.123.184
35.207.24.140
35.210.53.219
35.211.178.172
35.214.161.112
35.236.220.17
35.244.159.8
35.244.216.234
37.157.6.243
37.157.6.254
38.98.69.175
44.208.128.231
44.209.177.129
44.213.57.151
50.16.197.56
50.57.31.206
51.222.239.232
51.68.39.188
52.0.31.80
52.203.174.216
52.204.92.248
52.207.45.55
52.22.231.91
52.223.22.214
52.44.244.58
52.44.30.82
52.46.128.147
52.85.61.52
52.86.219.236
52.95.126.138
54.152.227.11
54.170.109.87
54.204.174.60
54.205.17.152
54.243.211.206
54.85.104.179
63.251.28.234
63.251.86.50
64.202.112.191
64.247.193.142
67.202.105.21
67.202.105.31
67.202.105.33
68.67.160.132
68.67.160.76
69.166.1.12
69.173.151.100
69.90.254.78
70.42.32.159
72.251.238.254
74.119.119.139
74.119.119.150
76.13.32.147
8.2.111.13
8.28.7.83
8.28.7.92
8.43.72.97
80.77.87.163
85.114.159.118
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
00473817b099df6d419325ca6dd2e3d839f51615a5c94a96125faab83bf4171c
0076e97cc888c0d88b4c0b237a85f81a6242e2ca5980cdeaa3aac2976f6c0b53
0077d904647fd8e588ae0d4600a648086cd889192628b10d75cc5ab42e4a607d
039130d456855a745451bff40707bee5512bc4466373224b2258f67cc6c6d879
04bc269ca65c325114dfb91d780a63874a6f47cc21dba133c57e965769099c98
054513afce19627673d8ae569dbc8ec42e2f9b6b58c6c01c5b88ecbc28f36f54
064e394cc037577d0e56cd65cc9569802b3810d5808d1eeae17e3f61e1f80392
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
091c91c78f36b1f6925c8cadf7f3d55399c261c261cb2ccb13efb0e29a9f9c88
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c1db60d1ded71b9307aa95ea5b01d8ffedccd13fdbcb0c31a4b552371058f
09f792df813fe782a7f8c7d39ff723c65bf63212ff4768857e0bf97d9a47a060
0a07fac2b08e4d8fcd73df87c5465876f22038a46a3aec95cff8de90f02d9038
0a9be68816edc69de55fbddd12c082462305ee4377b06287b009b0fc0a539111
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2ec44e1d015de813b1d9a248f7abe1321fcefd6647764def27ef01679e0a55
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
0c60fd01004a4b5f4997c54e3fed4e0a1080ae7c6c263af83fa7f4a0fff96c15
0cef8a8820870b6656f64d35b42c03a5a0b85d0669dc66605b5720415512cb3d
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c393f61063b6abe6b6484d486cc196bb498b8e12098a164cf61e00ac15ed9c
145d24d0b6cccec903d3f623287441c4db2fe37798915fa381b0424656975003
14a9cf34a9c6ff7b7952e58403a130918ffcc41fbab4f072032ff05243e4ffc9
14e782f0b1ad79a7fb54cf321ce855960d9f6fa3524bfd72043fc8e8275d18e0
1656a4ae0ac2d0e26ae78b1a5c18e7169a29eaa58ee12050a7d4a3234f6515e5
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
191918db99156399b0606f8c0a308dcf617012541d6178eafaf7e9decdbac099
19483633b99a41690664c6702d860a7ad166c6cca900012c3f1fb9047167c5ff
19a7695fc00bc7760a21d207011e0883eead60d1ea4ab64ac1e18887a0cf76b3
19f965c0f302a640fdb7ff28348a704cdc2ca929f7019d0f877d8dcab98784e3
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c39a7494ce50db11c38e6fed5c17a8bd678ff54a212d2b82c7686b5a82655d7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d752805498ebd36b9c69ad1d3da93b1561ea6b33f58ec89a66a4228a357dfe2
1dc3ee81eb2a9549624784e5f2efaf3b57a7a4d31df10ac590ce1de87411e8f0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f182e3c90e2679c21f12f4538c28083fd981b5c193aa08962c3d59668f757cf
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f5891d27bb43b55b9f27cfddef2d7f13f0e115a08145ec1ae13a9729766f184
231699bf226c321fcd39d085e8be7b2c45c92e96569259c9452a2151742bb9a6
2386daca77d7103504253b070f7a6cd94f5bacb1050b740bd3fdc672b1624765
23fd6ea034fecb090846c7ca61310f40ba527af903e47791f4303d5a7026308e
24d2e3d3f2d5dac9bbd433305dddd7cb545d0f09366f5f01802ff49ac31663f8
26dcff3bf61c2c77229496cf2251782cafb598cf31691d6233858c6310e22b7f
27e29a5aebbbc2d82b6f7d9dbbf03ced7ecaf592adf68338a02aff332b3e7bd5
28ae237ace31f04b27c2f38293b79ba78f487d33958d8c1911a8e791c3f1ea88
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2acfeed05c6535de8b8139cfb62463d592e779c0dbef183b21f08f5a4a58f623
2bc622c7a2e570d8bfa9cb0cf0aec04d63d684e0bd967561ace4a0b1a08a642d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e32456072f87a291a8059852c8b4debd0bdfda1c7bc649757a4c0bdf334dc7b
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5
2f0ba82a888510f5775530f26c9831427b5e608ece927f9f5dac863cca992ee4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f611bfd2d3ce3c76e53f1c3557c0f701776a0fb9a08cbf7a7d77ba3fd7783bf
2f644833d4942dd5a8e3720e2eefd152abb64dacda9d4ba0a1116b506430b795
2fcbb208bfabc76af88cd77b638fcf85edd50660e9543df0ea581e77b1b82cb0
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320d8033b4dc2535005db35ed05a86cb63b0df0526f9f6dfa259abc071211c2f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
344a741022da20651dcc857663a7407bea9f2782953379e94ab0c7086bf96b18
34d8c5cecdb4a16f26b60baf2512637e3823cf81bb4e423ac51a8c5a1c6705b5
34fe9a3f8003927013ef8fc5b1581ea0cff13ec75f2e43df7cac28e00c86acfb
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
354ca49e10c36b836a810b94ea45f1798d408da3bd2087ba075238123751fa46
36500a476171827f34e6ba6e60842fed9619aa2e7e0d644c6ba6f91145170fb9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36c87477804e12bebeaf6f7e079d246274d8a43467c15f564f9159e51f70dc16
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b251a1907f60bfe325f2d0c45fe475d890906366e7708d9e4aa165c1d39d7d
37df906ae01012605d60ae564b044550679fa64b51f9c89510715e164e5fbdbb
38e47077d2563f74bcfab705fe9783a961370ef5309d104cc44b5b09d50d9cda
39897aa04fc8f0aed0964009a769f4d9f0de82f86a6652ab45644c2b547b5ee4
3a587fc5c9ec94f0e51d66275ae8c23f32d249476f688571faf7d95d0149a6de
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d
3d4b659e27c251e557270cbec9154b5ca72b5b05aa1ad50937a599e3b2f99e2d
3d770c5cd64d77cff0d3d7f5aad48fc3646442699b7e34b2a9ecfcc311e2777a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415437c94a739e0cf9900ca2da7b8e294177a40af818dc9bc3a073c3cd44490e
42a3c0a8083cfb6568899ca2b8082f6ffbed75b5d0ce4d3599450a0bf04dbe52
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449471f17bf899b717f7e44cc4f521069842baf0e87faa375903fd9f52d8fbe5
44b608a3fedc8cde99292456ab32680fa4cb92cd3a224a6be10701b11807f9c5
44e7f3fa1dda0dc7058427b5a78c39cbbcafb31504364a3f2e09dd0b7192cb7e
44f8669a8591615d988778b94899b7fe231e61f7bc8104f4d898b720b45bc890
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
46464765fb2207c2beb3c2ac559f443f157be9c3698a4f0aa5d9016b9e98d3c4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ec60201aee3600f6c66b9f24c232384d0225b9fee9094b1fbbdf63a374c875
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
472b139b56ec759d301f483a7e69eb35b07a19680063a8436783f5fecd8d9f0e
4756bceccb13546ea3a7d35f52e3b64c110280689bd255205097e6e620469a0f
4808c9e1b2c270f6a16ad1effa1f0637d434919395715553b74d68081444eff6
482c79281f9c39b41409866dcf058ebe0abf62bb2ec081617ac7749082d3f161
4893f6fe507b28a67a8375af655c8d75d9acca594323a1be48941c3ffc835501
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
493cca1c2b95032b6d3bf5a310bf618b3bd7c8426fdeedaa0b2f1e1fb2ae48ea
4a61b1c2288c15b9a2f03e495ee3ec0eaac64672351e64dad081a46e678bbcee
4b39099d5375a160c795a06804ad144d9ea750dc7d04819fd446ee8e0bbc763f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf23d0db7164af066d9d84e8d37055d16e160b516c997c84b08863ef2b0a2b9
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4cf0b2d6739897c8b9d6b379439e4824a9753991331275f401f6fb28540f2756
4d7394c2d4f9cf5fecb4451b0347ab10e1ae014f8ae7954f16cd4a3ef50d8b1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9d527a99456d0307a68a8244193f3ce0ed881177b67543a448e3ab04bf104f
4ed5154c4a1909e3592c4db1a3b22a56742cbfc4e0dd96173c53be8af6dedcad
4efc4ef0221748b56db7e0245dbd3b0064924e4bbc79f7e9d4964485031793ff
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518d27ea6cc928cc83a362b7a686421e9629af65010658f13a5c2b3e8e312e34
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
52ea2fa073e06d46300b4f51557f3a473e8930608887a0a74bc191bdbc525494
53ef9ae0706da716c89de4ce9a8cdebbde3b80076bc39857ab88c3df43ea105d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571b71f551eb5dbc5a18e9fa6c2b095858ae48fd38dabcd1028489db4d33f416
573e4c302c81c58e4e29df2a04835d38960208f50665eef4fc78d5d2a9031a00
57bbaf4337735c87999775c5198db37e84d0f3608e8639b2f10c09850159001e
592abf8db68d3c029b375f195e445d5f2ea47c162e6e8c1c8c3d4d6dfe113d0e
5a2f7c9b67c3d54e602461347f6860600515a37f6780c3cb3b453245b2ac22f8
5a869098bb600fb0bf884a15818b903616ab8909b146619ede15f1ada4022091
5b10b59c64f240ae474bceab2bc1733a0e884e7a7a011ee3988ef0c08411491d
5c0dd82887a8f09c4469be3df71d6d502b41337fdcc6409a75750d90ec9e74e0
5d5f5ddb4d1ffadf9d99509f9b760773eec21521e61890829a9af614e2b2267d
5d5f802700b7862b8306b915a5d8cba2ff2608bcf5e6a3ad658a7bfb46f667c6
5d972ce073d4a74c8568523303596ef8e2b7e84dd9cfeddb43e9d87111257718
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
600b9c48d421b361f053fbe520219396f0bef4caf58d63c962ae3fafce99e703
60265c8d5fce12f8be1c6c371e68489dfe48356bc1b19a23d4646056daeefd12
60bdaa75527109a0f3925d8f8b28ececc9fb0e1e061dd5103c56c2e4cad4c553
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6381b4ff1dfd889a928888c5f06acd19079c432a9eac74763cd84afbdd7ff1f7
6392c8cfabd17b62df150bc1dcb264133cc5eb693d7c56743508933e5b943ad8
64608a63f740a2bf2061361b98d0bed2f8787c69137cd11bb0f88bd7dd59f508
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
67e5e57ab839b10e8a8b730750111c01b3ebe12c2af2f5a5df5cc9ae7d1827c3
67e89ff43577ee96e03ca787b9283b03ef585a87f1fa1e10b3a8e40b672beb96
68ab0b2c948d2e85a9757fdd30098f69edb9c8a94ab16c8605804c1a4b8e3d38
68f2d0ea1ba557aa31571abdffb38026e17c80bf65f607ad6863dc2aa54c3dd1
69ac651a5adb331eee3f1437af27f0b2380d82db9da55074e3970dcfc15286e9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b42907ded401723b9a685478f3d8849b72f354bfc57c9f1c318940d124f3a1c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6ce5e30dad56d17a991fd56a91b53565a55497afee5597db8f7594631a483171
6d0c50e04ef4aceaa5bc51d26c1bbc23083b67744c078069c8afae7d62ea619d
6d4dce10c868542ad8fd6da23b9343690bb5f8cba64e4fbc57c8f3495dafd3ea
6f24777bfa3f89b6962d6ce7d6baa96fcbfecc16f67169b94fb6aad78b152694
700a90f5446eaa22b028669a049aed5fb98dde23c4a4fcf1559baeb8c8135d87
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7183f83f0d9c05c30dc75385be94c5e6ccdf3f01ef489394b63885377ecc70bd
71af6a2e6fdd4f20d5dca5131d5cd731a5492e396163aa404d476ef96546a4ec
71dd4e3a92326ed555d0ed4735e71495d7c8089da9121ec83d89f7a4cf0f0c77
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73dba26bf1675baa9902a1c232e3335142003fb1099e628d138e2cc316b7c244
73dd30b9caf91c89a83a07599a85918d9097bd01e78eff87020953a4fc0dce7b
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
760f2167cd5573f69b6ef2c54f8997af2c761848b6948071a18c76c60c7451d9
76ae05bedfcc8ee757f2a49890366f71e95b369be7b80d0a6ce0c702dcfffe27
76ec354ea485e2215af0e16e54fc5678f95b829ca19851fe744e4d93e6231e21
77939a2e6a90ca70375d7c41d347a68883f8f05d16689af346835b1de6b8e187
78621720f40f69ef7d38f1fc3faec996e59c4d8774a2ca5ecf3b1523a5b1f89a
786e22f91df71cf586b793e30764448ac25401d9cc2173ee5c57b79cede0fa9a
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a7fefcc71fb4f06e7e1bdde31a188fa361e027ffd98ade317834b1cbc014e3b
7adad49d56c25875d1bbba55f11e7514eeb879e7621881c779642a1b4740d77e
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b959c7410f4dfc39ebc0ba9580e7867600b1c64bc34a7dd1503b2abe78ce10b
7bd7466fe4624b8b506f1fc87ff5d034fc17d5724a5069a393e7075b7992a5d8
7c214abc91720801f7ab4d391564a0cf695dedbafe0d2094888c579cd77a2d0e
7cdf56f204c5fd145dfba833c4c47df41cd7a2b9434fa503bda6b54c02164be2
7d8f2e8e473ec5e0911acc1c656a1365cdbbab0f8b8e9592eec15c5c2ff41432
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817
827543244b3c29c06ad309db1cd4405278c0f602f117a343225f6a71704be797
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
84db7fee2f0e3d6810750a40bb1283fcbe597fc2f9581dedbcbfdd519c6e5dea
850950ee9179c879ce265ec83fa30a49940122b1211ec2ecec59dc30370d6060
864701b265961a7b15119944bb9d5d5a57ee6bc30119f4c4df897b5d30945029
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
868effc99b534814601623cdfb53d74173a4acb5b29018b8d27dfb34d872a8b9
8699f09d30935ee3dca9a31c9b8d142115d1a0f2386ecc672656fe54a7e47112
87023d9a57d9837775306882ea25d28c3380b7c9a8191b3296466374b0a210ee
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d2cdf650f68cefc474f84322d1bd57fe74c2e75828824419e0667b8bc33bfe6
8d9f9eb2d46ae85b35405642aeafbb3d07264df318e51ef6ef7a87dc1648800e
8e054c57d7e1e1ca11a3c59ca7d6fb43544db858db17ae01dde98637e6f796f8
8edd9aadbad93c9bd72d1f0cdab597068f93c721b8adb45e51e89ce08c9b4539
8f575b1915c09d18ff9db4032330d1888d837fc726a6772f49fbb1c299fc6c1d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9052def9685d1eccda18c0c50054ce1b5ba8ffc9b6a9829ebe29c4dd42f1b517
906c899f697b3af009a90a6eea7f5d796d0532cc14761a5fc6986c5a732cb280
90eb0b097b35755783ab1bbb39b4209b796b29da40d148443875470fc482e20e
92765a644f7cf736a084526e91cf7c82bca2732145c5405c8f3c149247cbc802
949ef7fe964165bb6d854edd00313b8b61d8dc3df850ada94d61a506eae9b3b9
94e0db1d92e7f7bca01cc07a16abb8c2e9bf762e9742100be5103daa4603539c
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
96f75f8287d0306eb57a4f978fd2835e8022948c8e1cc6eee6630d8d2807d5e4
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9949ec515d627da556e6c4d4c909127a533a5622028fc81e9eeb9f00870e560f
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e86f8a5468a2177eda1389bea947db15d41867475dd984c265d742d9f86d85
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b23687366dc4fd96863df41dd42bc02cebcea90805998c44c89ef613a356da8
9b34f7d4bc66fb594b739baa7d9bb4d6ec44fae94db60627b9384795e5cc1d77
9b7413f945c8b8bb3f75eb10513c7ad79d386e98494d541e5f1fa9301ffbddd6
9c494e111e0d818f4fdae223e6cc9ed4460de37dfa2c4b66039a24dbf13bfe55
9ec043122391c112aa217282b49542d9ba6f45e7b9d5411657dfe054a8cb6994
9f4cb706432631eec1af15f5bf857a4a1fbe46d1b5c922aadf691644da951949
9fae3fa909537585985cd01ae9464d7bbb0c381c0577e9aecf9fec5a30fc8c06
9fbafc2045776dc4b6af73ee4e94c969a485df91335d7c6fe1d433440a831ecb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a20804ca4dfd32554b433757577c5eb6c689316d78cfd365feb8fe620a03124c
a30b8acebe49106fdfe4013dabac8a2a34ebabc28c3e63766c2b35aaf71ba275
a438aafdd1ec78075f147cac89796254171fa2f898803b18324de9613c7cc1c6
a45a92497e75953ee457a60ca7d2fc6e3f8e2205b54f8b6ed7a149b7f1af498b
a479e742cee2a895641b335883ef83a813d553fb7d8324c3737f3ee010b69d6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a641b3a95bb70fc67b9d638df8ddb67df934b1dd3dac8abee4ebb1a0b2d1be14
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a69c62ef09182735a3640a66f629943860f8fcd8944f2616f1b697e493f31ee8
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a74c347db1f3d766f72beaee4d19f6425fcedb5c8032ac07e6bd22744e28a4d0
a7d58f7da11777facb13677b969c0c5fb3086761608707a5aa54634d781726f1
a843e2975495633695633439e69191c8adcd09e11fc11f37311819e104c9b771
a8effdd3d5ab5204abc2fee8c8912f6d21b46d4d2665dffe253aacc6cf260d1a
aa2c8d2ca8017718fdae6d5692cbb4b4c3ce4299aec9ee65a6b4ad87440d8337
ab0b132840b1268c9e66406bb0cd68b2deb178b967df0b8012e64f3263054936
abe118a8190437932358ee406977c8acf9c8dd9859a98352935b332e5150e6df
abeb67953851ec05ae08d09d5025ce06106eb80e8d2c51ab1946a36cb1e1419f
ac043bb8a8081bfe47a2be62207efb71a9142886e0d30a54360356bac84d4508
acba58905a59040decf64b9732ab6c85f9e70a13c503d698649fe5d19c5d0c2a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae0ab1ed04cd36e4768832511145738c21f5a196e86da76504c4c0ca7ecd6f63
ae36e95c9d0742585d996ec68e76912aecc719ceb967026f26efe33c937da09c
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aeb61c3afc69fcf35f7a3cbab81358ce9704ef4abbea93558a7a1db676d6638d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0997a97d552cf9437d52c8306de953ee7962184590d0d2a1b560a0e3fd463d2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cb5341d7f55045ee1f4414b94abf8fad4897a6ead30bdb1e7b74c3c0d0d5a2
b20b92dffa04e80f6aa3c5daebafc73d5cfcd13bb2d2320ed48cd46f11e74cb5
b2e573bbfe0e51467d82c3178fad113fe468f4d091aee145dcb6d0d5592609d8
b32cb4f2519128fddbd553040ec42a09bcdf89d2898d32e1aeff8b14b8fa4001
b37c0031b83541513eb8ec712a41c94de5f764180241b2c93f3a0722e899d876
b5ca18e2886474b70e2a549f345e739dd25b77d0c0203151582a1f7849047768
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b63df6b9f31920181a64b18f632e17cb82b3d60cb456e650ee8d55bb124e5415
b685be923a691797281736076d174a1283860be2e316041f058da186b49e635d
b75c96e84836153d473c7f7289b222a5114fa5d8745a87c174109de74c70c98a
b8505d2279659bc62490506db71777bae8e7c2de8c6b71e6d230ddb265e85cfc
b9939d1a7423140250007727546228736920bb1a9191c6c291e58a1fdf677c56
b9bf40d854f31b2a3f898304b6bafff7a5b212d479bc8f62402d393e3fb3635a
ba6cf42f11a5d00f36cedaf406636e87668fe0e966f1e8e46bddb39ca923efd1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
bc6b08ed0f643d8197ab1c106c457c9e58dc785b1031a9a2ad9e35d0a716e58d
bcd28483f92ab660e927bbaf92ddcd9e0174703a10808a93669529b31892196d
bdd77490b07d38dc1c88321bd2c492b4e04e7da59fb98ba6686534535c42f467
bdde7fad94d3c172a9d8a825aa6816a9e94ad9c01a045eb947e8490eae3f77f1
bf618333634a926d0872fe038848783bdf0bc51476621228d150778d97f7de7f
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c10c4c2c43cf6d64b1c1a3550568fc8f84b96e93c2248766c99a84e6e35c8c2e
c122fb8d2cf202f05a37885375583fb95dd1dfecbef7c332196233e6ea963fb4
c1e8006b3f9b532fb5a1b99133cd080c6178debd2238d48e921bb8808c463588
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c249e9c1c832eb9b8081ae90a8046b6f3d36bdfa4efc5c6574524a1e54fd43fb
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4247379c02128f5c400a378fe0251a1631628df124d10978f51b611579727cc
c4ca05a72e5cd5ac1bf636948261bcb860fb5937a457ec61c1807492f2128e93
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6ccf06cb0a453582b11736475b935bf83d84a6d4c53036cd51b27178552002d
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c989a36869084f3fd2d299918ad45061f8036aee00fd5591f9e409e0d6aa64ac
c9b96b074dbfdafd1e9bd9d18979766fc8b54fc4326ea241a741173439b90534
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5d39319f05ce929e87ba2fd8aac7faec05849c8171db0ee63a3d2472c29c59
ca703fc1bfe554cdd11fd18e95e05333a6f7991ec3c9c0994d11431826d56c8d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cadfaddc7ba0c2c9277c03199e654dd8eeaea834d154535d9b891703d25bb699
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ccfad1243b8effac190cf25974a2822ad8642498ef6e21c9ba720f548025a83d
cd18f6a968e106222467c5ce8a55a90e65117648fad19526ee425c4fc2922284
cd3a49ccc6a9f2c95854c1488febdac69fcd503284cab9380499f3a5ba7a10dd
cdbfad5284449012054adb538a7c71f08c3f76b61acf0039bb713161ab32deae
ce9ea9d1fb487c960a1ea5a9d8af91eacf7e1ca61ac48538739cfb4052b3a5ec
cf105a11e980fd6a1810ee3e340f707b21c47353fd7dd00401791678bf904381
cf409ae020e1f1cfe3b71a77c037f5d7e35de67c2f7801738bc69fde46c5031c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa542fd62f82fe2f7a601467dffb197b9aa017c6f028bb677311f7f9ea343e5
d07cca63e0ee2ecd1ee489ba49d37a7b0a452b5efab0736d59e6313287c56ab9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d11da8e6068e50c9b444014a8f5ce3de867e216b9c74a724c5b485b51d52bbb4
d1afb0b79686cdb9f92bb2da36ae6b9ab8b9134a4ad0aa749f42d0b46acbc134
d233f0a09dbbe7abefa79422fe9fdf1826d814cc2b7ee11273f0001f4af35de2
d2cf823ebd1e2d7b0649b99673b599eda7de0e6f83e2ef0d09531576709b0ec8
d3d23938e88490aae66cb7dcc4e91bca6cda76d568ddb89073c4394a0984c0f2
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
d527aad616366b4b068601996b74a6145c1c83eaf1fba67a03b9efce098b22cd
d5f6274f07642282c3964360bbf8c865baa9552c2230dcbd0c9a051ea086f35a
d6aed342f21159ea94af160719db52d9ef94edce8c085adaf3e187a93dbbf30e
d6bdee5d7558476a315d12e3b95b8fbf93ddfaf099f2125f9cb81bfa5b223bd4
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
d8661694d009297c1c2577b45675c6370a79a8b33049e95c77fe2fcf6bc02e1e
d8a4114dd7ab0232f190d0ab9af330576317daa0221978f78235da3c9af1cc4a
d8dc145cf63413ce0c4624139b9fb7f6fe416e3411abe933673a417dc875896f
d9526c991e03a61f44638c5139b5f4cacdd46c051850ff11e275c6a7643df554
dc2c55b55a74e83245a1938d2bcaba1e39d1932bc60ae4437fc526c832be93e4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfdba3d49288337df32d4b1df551b114ead317b6db6659f6bf71be63f0671292
e0353c2b3f83faf0c94c71e0f661c4664279e8a5f9e85bea648ea5ce11e9b5bb
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e08d50474bccb1997f8f319aaf608fc763e678bbed630209852b0289704cd7
e4feb275f4004ae990d74f2baa3c0d6afa65e3f69cccce604d7048767bad46a2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e8b35ea01f8094fbc49711b0cd1a28b5c28e9ae2c05ae393f1b96f4b70f258a3
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ea0efdafd9030543e048a32e3dd9991fa78066196248811a19e4f1e3301688a9
eb6eaeed11d520e77144180382bc820c09182eadcc0190844ba85bc281783981
ec7f05ac140982f99e62b10db5cacf2a6b4413c9ece1c9417a9d19be19330b54
eca0845cc74061b611101fa9a9555ef18463d7130eb4b0b1a18871fd5326675c
ed3307c62c0d78bf73af142b4c660e3257374d97385b2f50b28b1003a5c00513
ed3e25d283909f6bba05744969ba038e5472abd5cca209b063efe97fb5d1039e
edc7c7d35e63f807db1cc80597fb2618dc57d0630176f8fe7e3820ca1003e4f6
edd40536f9ae7dcaff774a1fddf4b78dcbda027dd4d830f0d931949aefdea7ba
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a511a0c6af9140a8b28d73a4e8d6c6c657b138d8290e1f970977dd1ac13b2e
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f281dda9522c7411d2a432736b61325c2245c1641f13cff271de87ca65d86a54
f31160deab4db27a05cd5e97bb345d57c1132a883633df4c6cc90f1743df97bd
f78a2a3c23694812e89d4e0f3727f29209da941e9bdfddc3d49d6f95f4b76801
f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68
f82edc4b779acfb2e95997c79525aa19f5267fb4789d19066a98f6ef20935890
f88999df1b4015074d4c92def8c66f51065341a47213394ae2d8cdf2e8452aef
fa9c3704cbaad2da2c3219298095afaa8d84dcd4c7872f961e91f180b5f9deff
faae8db54cb4a26cc96fa02a9ab70331ce1e00549c8b5a0f18d15b0f308c57ad
fb5e74f6681a831445f88fee46deb22403d8bf0da680c7fdd99ad68f5d6057b9
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5
fb9d1d5fbe65d40b5c4fae8e887f2c10b12d76aee9b3e8fb781c46dddac48719
ff104537022f5253ee0932f58f6eb70884fb5adfaf9b172aae1eebd3183cd2ea