www.tuasaude.com Open in urlscan Pro
144.217.72.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tuasaude.com/
Effective URL:
https://www.tuasaude.com/
Submission: On August 17 via manual (August 17th 2023, 1:53:25 pm UTC) from PT — Scanned from CA

Summary HTTP 187 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 57 domains to perform 187 HTTP transactions. The main IP is 144.217.72.55, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is www.tuasaude.com. The Cisco Umbrella rank of the primary domain is 281809.
TLS certificate: Issued by R3 on May 26th 2023. Valid for: 3 months.

This is the only time www.tuasaude.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	144.217.72.55 144.217.72.55	16276 (OVH) (OVH)
37	185.93.1.246 185.93.1.246	60068 (CDN77 ^_^) (CDN77 ^_^)
2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
3	3.160.3.135 3.160.3.135	16509 (AMAZON-02) (AMAZON-02)
1	3.160.5.91 3.160.5.91	16509 (AMAZON-02) (AMAZON-02)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
5	172.217.13.174 172.217.13.174	15169 (GOOGLE) (GOOGLE)
4	142.250.176.200 142.250.176.200	15169 (GOOGLE) (GOOGLE)
2	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
2	146.75.28.84 146.75.28.84	54113 (FASTLY) (FASTLY)
2	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
2	108.156.180.227 108.156.180.227	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	3.160.22.127 3.160.22.127	16509 (AMAZON-02) (AMAZON-02)
1	3.160.4.198 3.160.4.198	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	172.217.13.142 172.217.13.142	15169 (GOOGLE) (GOOGLE)
3	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
2	172.217.13.163 172.217.13.163	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	54.85.119.254 54.85.119.254	14618 (AMAZON-AES) (AMAZON-AES)
2 20	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	142.251.40.100 142.251.40.100	15169 (GOOGLE) (GOOGLE)
2	172.217.13.193 172.217.13.193	15169 (GOOGLE) (GOOGLE)
1 9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 3	44.210.181.70 44.210.181.70	14618 (AMAZON-AES) (AMAZON-AES)
5 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
14 19	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
2 2	3.160.5.125 3.160.5.125	16509 (AMAZON-02) (AMAZON-02)
3 3	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	23.34.248.177 23.34.248.177	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 13	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	23.41.168.202 23.41.168.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.41.170.143 23.41.170.143	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.105.12.170 23.105.12.170	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	63.251.114.136 63.251.114.136	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 6	23.92.190.68 23.92.190.68	10913 (INTERNAP-BLK) (INTERNAP-BLK)
12	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
4	172.217.13.97 172.217.13.97	15169 (GOOGLE) (GOOGLE)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 5	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	50.116.194.21 50.116.194.21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.7.24.177 52.7.24.177	() ()
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.45.94.184 52.45.94.184	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 10	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	18.205.99.4 18.205.99.4	14618 (AMAZON-AES) (AMAZON-AES)
2 2	8.43.72.97 8.43.72.97	() ()
3 3	199.127.204.142 199.127.204.142	() ()
1 1	199.127.204.171 199.127.204.171	() ()
5	172.217.13.102 172.217.13.102	() ()
1	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
6	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.87.87.55 54.87.87.55	() ()
187	48

2 144.217.72.55 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ca.a.tuasaude.com

tuasaude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tuasaude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 185.93.1.246 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-93-1-246.bunnyinfra.net

static.tuasaude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.3.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-3-135.cmh68.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.5.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-91.cmh68.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.174 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.176.200 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.28.84 (Ashburn, United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.180.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-180-227.cmh68.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.22.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-127.cmh68.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.4.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-4-198.cmh68.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.142 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.163 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.119.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-119-254.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.100 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.193 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f1.1e100.net

5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.210.181.70 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-181-70.compute-1.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.13.130 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.160.5.125 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-125.cmh68.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.150.170.96 (Washington, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.248.177 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-248-177.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.159 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.40.39.223 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.168.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.170.143 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-170-143.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.170 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-us.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.114.136 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.92.190.68 (Houston, United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.97 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.186 (New York, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.116.194.21 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.24.177 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.94.184 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-94-184.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.151.100 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.99.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-99-4.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.97 (None, ) 2 redirects

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.204.171 (None, ) 1 redirects

ASN- ()

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.102 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.87.55 (None, )

ASN- ()

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	tuasaude.com 1 redirects tuasaude.com — Cisco Umbrella Rank: 230698 www.tuasaude.com — Cisco Umbrella Rank: 281809 static.tuasaude.com — Cisco Umbrella Rank: 308098	989 KB
26	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 stats.g.doubleclick.net — Cisco Umbrella Rank: 122 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 googleads4.g.doubleclick.net Failed	177 KB
26	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 361 aax.amazon-adsystem.com — Cisco Umbrella Rank: 435 s.amazon-adsystem.com — Cisco Umbrella Rank: 349 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142	81 KB
16	googlesyndication.com 5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	97 KB
14	rubiconproject.com 8 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 737 token.rubiconproject.com — Cisco Umbrella Rank: 748 pixel-us-east.rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	18 KB
13	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760 dsum.casalemedia.com — Cisco Umbrella Rank: 1784	10 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 651 image6.pubmatic.com — Cisco Umbrella Rank: 989 image2.pubmatic.com — Cisco Umbrella Rank: 1137 simage2.pubmatic.com simage4.pubmatic.com — Cisco Umbrella Rank: 1434 image4.pubmatic.com	27 KB
11	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1546 google-bidout-d.openx.net — Cisco Umbrella Rank: 1553 us-u.openx.net — Cisco Umbrella Rank: 605 u.openx.net — Cisco Umbrella Rank: 935	3 KB
8	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 864 ce.lijit.com — Cisco Umbrella Rank: 1118	7 KB
6	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545 ups.analytics.yahoo.com — Cisco Umbrella Rank: 356	3 KB
5	2mdn.net s0.2mdn.net	237 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	4 KB
5	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 396	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	69 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 986	2 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 195 www.google.com — Cisco Umbrella Rank: 3	734 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	306 KB
3	1rx.io 3 redirects sync.1rx.io	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 372	2 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 1080	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 1004 idsync.rlcdn.com — Cisco Umbrella Rank: 462	1 KB
3	zemanta.com 3 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 667	2 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 1009	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 437	736 B
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1025 s.tribalfusion.com — Cisco Umbrella Rank: 2306	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 5515	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 964	616 B
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 1005	879 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 674	1 KB
2	outbrain.com 2 redirects sync.outbrain.com — Cisco Umbrella Rank: 928	1 KB
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 938	999 B
2	google.ca www.google.ca — Cisco Umbrella Rank: 8647	515 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1073 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036	12 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	258 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1031	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	135 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	86 KB
1	kargo.com crb.kargo.com	358 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 5912
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 421	514 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	584 B
1	clickagy.com 1 redirects aorta.clickagy.com — Cisco Umbrella Rank: 2484	428 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1490	637 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 5379	392 B
1	smartadserver.com 1 redirects ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 8228	277 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1735	665 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1691	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1835	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	896 B
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 176	2 KB
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	bfmio.com Failed sync.bfmio.com Failed
0	thrtle.com Failed thrtle.com Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	tapad.com Failed pixel.tapad.com Failed
187	57

	Domain	Requested by
37	static.tuasaude.com	www.tuasaude.com static.tuasaude.com
20	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com google-bidout-d.openx.net s.amazon-adsystem.com u.openx.net ssum-sec.casalemedia.com ce.lijit.com eus.rubiconproject.com ads.pubmatic.com
19	cm.g.doubleclick.net	14 redirects google-bidout-d.openx.net googleads.g.doubleclick.net ce.lijit.com eus.rubiconproject.com
10	pagead2.googlesyndication.com	www.tuasaude.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com 5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com www.googletagservices.com
9	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
7	us-u.openx.net	1 redirects google-bidout-d.openx.net u.openx.net ads.pubmatic.com
6	ce.lijit.com	1 redirects s.amazon-adsystem.com ce.lijit.com
5	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
5	s0.2mdn.net	www.tuasaude.com s0.2mdn.net 5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	match.adsrvr.org	5 redirects
5	www.google-analytics.com	www.tuasaude.com www.google-analytics.com www.googletagmanager.com
4	tpc.googlesyndication.com	www.tuasaude.com tpc.googlesyndication.com
4	ct.pinterest.com	s.pinimg.com www.tuasaude.com
4	www.googletagmanager.com	www.tuasaude.com www.googletagmanager.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	sync.1rx.io	3 redirects
3	x.bidswitch.net	3 redirects
3	ad.turn.com	3 redirects
3	ups.analytics.yahoo.com	2 redirects u.openx.net
3	ssum-sec.casalemedia.com	1 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com
3	b1sync.zemanta.com	3 redirects
3	um.simpli.fi	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects google-bidout-d.openx.net ads.pubmatic.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	analytics.google.com	www.googletagmanager.com
3	c.amazon-adsystem.com	www.tuasaude.com c.amazon-adsystem.com
2	eb2.3lift.com	1 redirects ads.pubmatic.com
2	pixel-us-east.rubiconproject.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	pm.w55c.net	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	pippio.com	2 redirects
2	id.rlcdn.com	2 redirects
2	googleads.g.doubleclick.net	www.tuasaude.com pagead2.googlesyndication.com
2	ap.lijit.com	2 redirects
2	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com
2	ads.pubmatic.com	s.amazon-adsystem.com ads.pubmatic.com
2	creativecdn.com	2 redirects
2	sync.outbrain.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	oajs.openx.net	1 redirects www.tuasaude.com
2	www.google.ca	www.tuasaude.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	www.facebook.com	www.tuasaude.com
2	s.pinimg.com	www.tuasaude.com s.pinimg.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	connect.facebook.net	www.tuasaude.com connect.facebook.net
2	www.googletagservices.com	www.tuasaude.com
1	image4.pubmatic.com	ads.pubmatic.com
1	crb.kargo.com	ads.pubmatic.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	us01.z.antigena.com	ads.pubmatic.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	aax-eu.amazon-adsystem.com	eus.rubiconproject.com
1	sync.targeting.unrulymedia.com	1 redirects
1	aorta.clickagy.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	idsync.rlcdn.com	u.openx.net
1	tags.rd.linksynergy.com	1 redirects
1	ssbsync-us.smartadserver.com	1 redirects
1	u.openx.net	s.amazon-adsystem.com
1	cs.media.net	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.google.com	www.tuasaude.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	sb.scorecardresearch.com	www.tuasaude.com
1	www.tuasaude.com
1	tuasaude.com	1 redirects
0	googleads4.g.doubleclick.net Failed	www.tuasaude.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	sync.bfmio.com Failed	ads.pubmatic.com
0	thrtle.com Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	pixel.tapad.com Failed	ads.pubmatic.com
187	87

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.instagram.com
www.facebook.com
www.pinterest.com
tuasaude.recruitee.com
aacihealthcare.com
www.rededorsaoluiz.com.br
www.dormaissaude.com.br

Subject Issuer	Validity	Valid
tuasaude.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
static.tuasaude.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-26` - `2023-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.prod.use1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-10` - `2023-12-09`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.tuasaude.com/
Frame ID: FFFE3381A56B1214D92968701148DB83
Requests: 80 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t
Frame ID: E238A34169BE8F1BFBA919E2690A0C2A
Requests: 1 HTTP requests in this frame

Frame: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F2A262F7FF9773ABB90D27B9E9884E1
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8E5515C6DE1AD13FAF77E3DDA16BB9B0
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FA67D35D5EFA713C1BBD0CC6219FB7C6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 042414BA0CE9D02D542F3C8DCBE6045F
Requests: 5 HTTP requests in this frame

Frame: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6E6161757FB33700307AB27A0A7CDCB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 291DDB199713B5BE39075FD01B4DFEA7
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: F907AF208FFFFA031E729BE9DAF446E4
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 265986570261CC50D71D98E675BDC6E2
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS03X3o0a1NwRTJ1SmwyWVRPYVZQOGNpeUtiTkFtanNSdn5B
Frame ID: 052AE62D90CB5321AE5AF601B185F08F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 3A4E154F42BDAB938BD55C286DC3D5D7
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=240977721975030030&gdpr=0&gdpr_consent=
Frame ID: 26415B6F2FAA1C319CFBDBB012A1E837
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 168D7D47D7C227296589AFCD12607C4F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEY68qv4AEwAQ&v=APEucNXFwlxNj57C0Hue3wviBL2ZZWM0uJe5c1WtTnjG-Ar7P2P_tgcogHNETVH3l_xdVraiT3eDcXU_-YD5hTxJl5ElS4q7wQ
Frame ID: E1D033B99E1BEB83240EADF01F00FA75
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C2809C54E4CFCA6ED4DE48074BEA67F4
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&redir=true&gdpr=0&gdpr_consent=
Frame ID: FD1A1061A2E328721A4316CF71637113
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB04C5CD1-92D5-4052-9676-9B83A32FD3AE
Frame ID: 1125CA0F584E67DE821713A0A13E48F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B68945DD9CF1F4F162A80D394E8B4AD
Requests: 3 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 35A02B02F67595C791516CB4814D8664
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5341192838680318770&gdpr=0&gdpr_consent=
Frame ID: A87BBC93D3BE66C7A6481F47ADB28ACA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0A406A785E17FA69643D09CC5B6D2B76
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB04C5CD1-92D5-4052-9676-9B83A32FD3AE
Frame ID: 4FB841A672120AF9A6B828AA8E777E8B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250
Frame ID: 7D3B7DB99FD5EFF7702C185CE7DF95DE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tua Saúde - Informação de confiança sobre saúde, nutrição e bem estar

Page URL History Show full URLs

http://tuasaude.com/ HTTP 307
https://tuasaude.com/ HTTP 301
https://www.tuasaude.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

187
Requests

72 %
HTTPS

0 %
IPv6

57
Domains

87
Subdomains

48
IPs

5
Countries

2284 kB
Transfer

4940 kB
Size

79
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@tuasaude
Title: Ver Canal

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tuasaude?sub_confirmation=1
Title: Conheça nosso canal

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tuasaude/
Title: Siga a gente no Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tuasaude/
Title: Siga a gente no Facebook

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/tuasaude/
Title: Siga a gente no Pinterest

Search URL Search Domain Scan URL

URL: https://tuasaude.recruitee.com/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://aacihealthcare.com/certificates/c190-1-2023-trust-br/

Search URL Search Domain Scan URL

URL: https://www.rededorsaoluiz.com.br/?utm_source=tuasaude.com&utm_medium=desktop&utm_campaign=our-brands-footer
Title: Rede D'Or São Luíz

Search URL Search Domain Scan URL

URL: https://www.dormaissaude.com.br/?utm_source=tuasaude.com&utm_medium=desktop&utm_campaign=our-brands-footer
Title: D'Or mais saúde

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tuasaude.com/ HTTP 307
https://tuasaude.com/ HTTP 301
https://www.tuasaude.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tuasaude.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tuasaude.com%2F&rid=esp&cc=1

Request Chain 73

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t

Request Chain 83

https://match.adsrvr.org/track/cmf/openx?oxid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&ttd_puid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0&gdpr_consent=

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJhZDY3ZWYtNDQxOS0yNjg0LWYyOGYtNzgyZjVkMTgxODVh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJhZDY3ZWYtNDQxOS0yNjg0LWYyOGYtNzgyZjVkMTgxODVh&google_tc=

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArfCjx80cERmatrlXzbeGQ&google_cver=1

Request Chain 89

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://s.ad.smaato.net/c/?adExInit=aps&cookieCheck=1 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a89a0ecee3&gdpr=0&gdpr_consent=

Request Chain 90

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?id=96266468B6874716B7CCBE5D097794E5&ex=simpli.fi&status=ok

Request Chain 91

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3352820005669622000V10

Request Chain 92

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
https://sync.outbrain.com/sync-external?uid=6sJmOAMVRLuwuj8PWqIi&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJWONFG2T2BJVLFETDVO52WUOCQK5YUS2I HTTP 302
https://creativecdn.com/cm-notify?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJWONFG2T2BJVLFETDVO52WUOCQK5YUS2I&pi=outbrain&obUid=3_z9UNs1A98SSkiPOVDA4Ms4L9Dc1vmZmkfyajC7ymmRYALK-vEboTSwnl0Yy73d&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s HTTP 302
https://creativecdn.com/cm-notify?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJWONFG2T2BJVLFETDVO52WUOCQK5YUS2I&pi=outbrain&obUid=3_z9UNs1A98SSkiPOVDA4Ms4L9Dc1vmZmkfyajC7ymmRYALK-vEboTSwnl0Yy73d&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nCFcoabTzcUmYnBA9BFi&obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJWONFG2T2BJVLFETDVO52WUOCQK5YUS2I&pi=outbrain&obUid=3_z9UNs1A98SSkiPOVDA4Ms4L9Dc1vmZmkfyajC7ymmRYALK-vEboTSwnl0Yy73d&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s&tc=1 HTTP 302
https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJWONFG2T2BJVLFETDVO52WUOCQK5YUS2I HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=6sJmOAMVRLuwuj8PWqIi

Request Chain 93

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 96

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS03X3o0a1NwRTJ1SmwyWVRPYVZQOGNpeUtiTkFtanNSdn5B

Request Chain 98

https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=240977721975030030&gdpr=0&gdpr_consent=

Request Chain 99

https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

Request Chain 109

https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
https://id.rlcdn.com/464246.gif?partner_uid=a204cb43-4029-4e40-b816-a265ae61b7e2 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokYTIwNGNiNDMtNDAyOS00ZTQwLWI4MTYtYTI2NWFlNjFiN2UyEAAaDQjQzPimBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=b8d03b0da7978053549b80bbb868af28f201b0461a3aaff5f899349886b2bcf4791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiOGQwM2IwZGE3OTc4MDUzNTQ5YjgwYmJiODY4YWYyOGYyMDFiMDQ2MWEzYWFmZjVmODk5MzQ5ODg2YjJiY2Y0NzkxNDI2YjU0MTdkY2UyMRAAGgwI0cz4pgYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiOGQwM2IwZGE3OTc4MDUzNTQ5YjgwYmJiODY4YWYyOGYyMDFiMDQ2MWEzYWFmZjVmODk5MzQ5ODg2YjJiY2Y0NzkxNDI2YjU0MTdkY2UyMRAAGgwI0cz4pgYSBAgCEABCAEoA&google_gid=CAESEG96etUNfTR-pxY2GwEwRhA&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=b43145ed-51da-4ba3-a2c4-e5dbd287b8da

Request Chain 110

https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5341192838680318770

Request Chain 111

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 112

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZN4mUAAAAyOoQAA4 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN4mUAAAAyOoQAA4&_test=ZN4mUAAAAyOoQAA4

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4mUE1VLSPQLpRKbP4jNQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1

Request Chain 117

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&expiration=1694872400&gdpr=0&gdpr_consent=

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4mUE1VLSPQLpRKbP4jNQAAAIYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHeMi9hh5g2WX3HSDlqDgp0&google_cver=1

Request Chain 119

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=zvzzWuOs1QwDre5

Request Chain 120

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=640805bc-f8ab-43b6-b670-b1317108d2ec&ssp=index&expires=30&user_group=5&bsw_param=a14903c2-feaa-429f-a0b3-951cd5b52eda HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent=&us_privacy=

Request Chain 121

https://ums.acuityplatform.com/tum?umid=8 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=815026752044

Request Chain 122

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZN4mUE1VLSPQLpRKbP4jNQAA HTTP 302
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZN4mUE1VLSPQLpRKbP4jNQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107181795025

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN4mUE1VLSPQLpRKbP4jNQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBySxRT9H6tpJMJUpdY2Vlk&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MTE5MjgzODY4MDMxODc3MA%3D%3D

Request Chain 133

https://um.simpli.fi/lj_match?r=1692280400485&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=96266468B6874716B7CCBE5D097794E5

Request Chain 134

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SEtwQmFQWkhvMTh1V2phX1Q2YThVTWlq&gdpr=0

Request Chain 135

https://aorta.clickagy.com/pixel.gif?ch=185&cm=HKpBaPZHo18uWja_T6a8UMij&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7

Request Chain 136

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LLF824NX-1N-HAVQ&gdpr=0

Request Chain 137

https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1692280403999 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7267836971 HTTP 302
https://sync.1rx.io/usersync/turn/7324548135155167890?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005 HTTP 302
https://ce.lijit.com/merge?pid=97&3pid=RX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005

Request Chain 138

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLF82205-24-KOWW HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LLF82205-24-KOWW&ex=d-rubiconproject.com&status=ok

Request Chain 145

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzg0ZTA1MjE2Y2M0ZWUwNDZlOWY1NTY3ZDhhOGU5YzlkNDJiYzA0Ng

Request Chain 146

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/0BHsFsSBQLY3UwsKEF7wqsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l_k4.TFE2oKwLsBB99WNr4Jbtp7EJ2oTXHJwkQ--~A

Request Chain 147

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExGODIyMDUtMjQtS09XVw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMYzrv8qNCUAJ3h2TT2tHdg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGODIyMDUtMjQtS09XVw==&google_push=

Request Chain 148

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fK1yqf-aRzm9Wm8FdcAOhA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fK1yqf-aRzm9Wm8FdcAOhA

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBInIto61QRmflFLO-O-kv8&google_cver=1

Request Chain 150

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLF82205-24-KOWW

Request Chain 151

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=&expires=30

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sExc0ZLVQFKWdpuDoy_Trg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 157

https://eb2.3lift.com/xuid?mid=7976&xuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjA0QzVDRDEtOTJENS00MDUyLTk2NzYtOUI4M0EzMkZEM0FF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWELbAPiC_WEkoQlgl-49A&google_cver=1

Request Chain 160

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:96266468B6874716B7CCBE5D097794E5

Request Chain 161

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=

Request Chain 170

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5341192838680318770&gdpr=0&gdpr_consent=

Request Chain 177

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JxBLaVlE2uUWiA0VP15X0ahUoV19d2s-~A&gdpr=0

Request Chain 178

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=

187 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tuasaude.com/
Redirect Chain

http://tuasaude.com/
https://tuasaude.com/
https://www.tuasaude.com/

97 KB
18 KB

66ms
54ms

Document
text/html

144.217.72.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tuasaude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.217.72.55 Beauharnois, Canada, ASN16276 (OVH, FR),

Reverse DNS

ca.a.tuasaude.com

Software

nginx /

Resource Hash

8652fb2d50ca189c20224485b2d692a7b0cf9e7e221b631d49768ea289463527

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
cache-control: s-max-age=7200, stale-while-revalidate=2592000
content-encoding: gzip
content-length: 18259
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:53:17 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: X-User-Agent-Mobile,X-User-Agent-Facebook,X-Requested-With,Spa,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge

Redirect headers

cache-control: max-age=0
content-length: 233
content-type: text/html; charset=iso-8859-1
date: Thu, 17 Aug 2023 13:53:17 GMT
location: https://www.tuasaude.com/
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent
x-frame-options: SAMEORIGIN

GET
H2 200 homepage-desktop-style-1568.css
static.tuasaude.com/resources/harmony/css/ 83 KB
15 KB 206ms
58ms Stylesheet
text/css 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

185-93-1-246.bunnyinfra.net

Software

BunnyCDN-IL1-871 /

Resource Hash

974513082ca4f0198e25c1d702639d0446bb77fe96146e6c55833fd44692943f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 894
cdn-cachedat: 08/17/2023 12:28:45
cdn-pullzone: 113777
last-modified: Thu, 17 Aug 2023 12:28:00 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
cdn-requestid: 02695f093cd2abbea99ca1a0270f78ce
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo-group-rdor-white.png
static.tuasaude.com/layout/harmony/img/ 4 KB
5 KB 202ms
55ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/layout/harmony/img/logo-group-rdor-white.png
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 590ec920f36aa1901c72013f82a86891dcf6584db069e3900104456f0f9ae1d7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 6615
cdn-edgestorageid: 940
x-bo-processingtime: 0
cdn-cachedat: 05/02/2023 15:53:18
cdn-pullzone: 113777
content-length: 4194
x-bo-server: LA-242
last-modified: Tue, 02 May 2023 15:53:18 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 69
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 36.6%
cdn-requestid: 110de0a6c8fd3cff3e9d1b3a166034df
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo-tuasaude.png
static.tuasaude.com/layout/harmony/img/ 2 KB
2 KB 56ms
55ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/layout/harmony/img/logo-tuasaude.png
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 6672c66da37c824863f5c87967540777ffc1043f7c9f4aa49c4605cb0e98fa87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 2117
cdn-edgestorageid: 845
x-bo-processingtime: 0
cdn-cachedat: 05/27/2023 17:53:23
cdn-pullzone: 113777
content-length: 1694
x-bo-server: LA-220
last-modified: Sat, 27 May 2023 17:53:23 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 70
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 19.98%
cdn-requestid: e0272fff8b47730c2c0c135d90bbfe67
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tratamento-com-ozonio_30358_l.webp
static.tuasaude.com/media/article/gp/ve/ 23 KB
23 KB 62ms
62ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/gp/ve/tratamento-com-ozonio_30358_l.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: d44127375b242684dd61770404907e887f03710bf5d4b9c48275c3f09ca2cbc7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 24090
cdn-edgestorageid: 1069
x-bo-processingtime: 2
cdn-cachedat: 08/07/2023 13:33:25
cdn-pullzone: 113777
content-length: 23258
x-bo-server: LA-240
last-modified: Mon, 07 Aug 2023 13:33:25 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 73
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 3.45%
cdn-requestid: cea68170d1a53e1ca41500d772d90782
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dieta-da-fruta_7728_l.webp
static.tuasaude.com/media/article/jd/xj/ 27 KB
28 KB 75ms
74ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/jd/xj/dieta-da-fruta_7728_l.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 086917efafa4a37efc3a0dfc6b56381792342e58041eb38f31f092316ee33385

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 26670
cdn-edgestorageid: 1069
x-bo-processingtime: 3
cdn-cachedat: 08/06/2023 19:49:13
cdn-pullzone: 113777
content-length: 28066
x-bo-server: LA-221
last-modified: Sun, 06 Aug 2023 19:49:13 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 70
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 3d8d0350b844e1a92289dbe0dcaa296c
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo-tuasaude-rdor.png
static.tuasaude.com/layout/harmony/img/ 2 KB
2 KB 86ms
85ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/layout/harmony/img/logo-tuasaude-rdor.png?x=1
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: b49aeb1650b43f303f37eb030febf655a0a9579ae229efe674aa5cccfbce480e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 2402
cdn-edgestorageid: 1067
x-bo-processingtime: 0
cdn-cachedat: 04/25/2023 12:45:36
cdn-pullzone: 113777
content-length: 1710
x-bo-server: LA-237
last-modified: Tue, 25 Apr 2023 12:45:36 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 68
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 28.81%
cdn-requestid: 4377f7e83fd085377f6ddd63e8335b22
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 banner-find-doctor.png
static.tuasaude.com/layout/harmony/img/ 24 KB
25 KB 93ms
92ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/layout/harmony/img/banner-find-doctor.png?x=3
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: a0452fafa1ef8d98b6ace3f7ed00e9c8a6fe77ecdf643159eac9c25a5b27e0bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 215877
cdn-edgestorageid: 718
x-bo-processingtime: 2
cdn-cachedat: 04/27/2023 12:33:05
cdn-pullzone: 113777
content-length: 24930
x-bo-server: LA-216
last-modified: Thu, 27 Apr 2023 12:33:05 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 262
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 88.45%
cdn-requestid: 051d0720469da07fd979e8b91ee5f42b
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 homepage-script-1568.js Show response
static.tuasaude.com/resources/harmony/js/ 39 KB
13 KB 100ms
99ms Script
application/javascript 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tuasaude.com/resources/harmony/js/homepage-script-1568.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

185-93-1-246.bunnyinfra.net

Software

BunnyCDN-IL1-871 /

Resource Hash

8a9d5fdc31b1ab3bb105f8a1f8f05af0c104791629a515dddec88f25c5958aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 845
cdn-cachedat: 08/17/2023 12:28:48
cdn-pullzone: 113777
last-modified: Mon, 07 Aug 2023 12:14:53 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
cdn-requestid: 5c59dc0d7869453b1686cbeffb4ab086
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 95 KB
29 KB 144ms
69ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

a964eca25789405472229a88e2835093ecb46e64e644eb5c43da6db0f748b464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29063
x-xss-protection: 0
server: cafe
etag: 569 / 19586 / m202308100101 / config-hash: 12093722524017253248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:53:18 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
61 KB 134ms
33ms Script
application/javascript 3.160.3.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-3-135.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:26:37 GMT
content-encoding: gzip
via: 1.1 7647900066f27cd4f2527ccd35957978.cloudfront.net (CloudFront), 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 20:50:38 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5, CMH68-P4
age: 1602
x-amz-server-side-encryption: AES256
etag: W/"93708b50a97059783aafdf3c6548167d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 0C5LYfb0ssBRn4iY_3TT9W1xg4KpawKZbW7s-5ZIGMrjxx116-ZVvg==

GET
H2 200 ts.woff2
static.tuasaude.com/resources/harmony/fonts/ 6 KB
7 KB 241ms
133ms Font
font/woff2 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tuasaude.com/resources/harmony/fonts/ts.woff2?p=20230817

Requested by

Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

185-93-1-246.bunnyinfra.net

Software

BunnyCDN-IL1-871 /

Resource Hash

c3fd9237057d281b0901ea337ed40f521a05e7252a98ad7a3d2163b51a652653

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css
Origin: https://www.tuasaude.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 718
cdn-cachedat: 08/17/2023 12:28:36
cdn-pullzone: 113777
content-length: 6576
last-modified: Thu, 27 Jul 2023 16:51:57 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 206
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6cbd6a2f8535d8dbbb6b980d9629fa68
accept-ranges: bytes
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Rubik-Medium.ttf
static.tuasaude.com/fonts/harmony/ 122 KB
62 KB 241ms
134ms Font
font/ttf 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tuasaude.com/fonts/harmony/Rubik-Medium.ttf

Requested by

Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

185-93-1-246.bunnyinfra.net

Software

BunnyCDN-IL1-871 /

Resource Hash

df17aec2792d6f1fd1772dbfc95577c98f2bcac431441afad7720b6fe6a44ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css
Origin: https://www.tuasaude.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cdn-edgestorageid: 718
cdn-cachedat: 08/17/2023 09:26:45
cdn-pullzone: 113777
last-modified: Fri, 24 Feb 2023 16:55:22 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 206
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: ff5e1f33e609d0db41621c9e64e356b2
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Rubik-Regular.ttf
static.tuasaude.com/fonts/harmony/ 122 KB
62 KB 175ms
67ms Font
font/ttf 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tuasaude.com/fonts/harmony/Rubik-Regular.ttf

Requested by

Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

185-93-1-246.bunnyinfra.net

Software

BunnyCDN-IL1-871 /

Resource Hash

6130b0b996b9206b3a3a3882177a56f3b11aa70074feb1a6a9367539bccbfee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css
Origin: https://www.tuasaude.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cdn-edgestorageid: 1069
cdn-cachedat: 07/11/2023 22:23:31
cdn-pullzone: 113777
last-modified: Fri, 24 Feb 2023 16:55:22 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 206
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: dc093b2b337c1156b775e5524d054166
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Rubik-SemiBold.ttf
static.tuasaude.com/fonts/harmony/ 122 KB
62 KB 242ms
134ms Font
font/ttf 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tuasaude.com/fonts/harmony/Rubik-SemiBold.ttf

Requested by

Host: static.tuasaude.com
URL: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

185-93-1-246.bunnyinfra.net

Software

BunnyCDN-IL1-871 /

Resource Hash

029548e6933ae9083b9be422ed6f21b9c6f492d7f1649df1b04a6fbd64f9e425

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://static.tuasaude.com/resources/harmony/css/homepage-desktop-style-1568.css
Origin: https://www.tuasaude.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cdn-edgestorageid: 1069
age: 0
cdn-cachedat: 03/13/2023 03:09:16
cdn-pullzone: 113777
last-modified: Fri, 24 Feb 2023 16:55:22 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3505a9f617ad02f2a5fe791b78d2f2d4
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cranberry_61234_m.webp
static.tuasaude.com/media/article/nr/wd/ 13 KB
14 KB 65ms
54ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/nr/wd/cranberry_61234_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 7a58e590065ea5f6bd8564abeb6ac06788a0fb4031dc7704ef0f4f5d0144d502

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 13930
cdn-edgestorageid: 871
x-bo-processingtime: 1
cdn-cachedat: 08/11/2023 12:30:19
cdn-pullzone: 113777
content-length: 13576
x-bo-server: LA-237
last-modified: Fri, 11 Aug 2023 12:30:19 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 70
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 2.54%
cdn-requestid: b7a1f813d1f75bed63269e4755635615
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 borax_29549_m.webp
static.tuasaude.com/media/article/ye/mp/ 10 KB
10 KB 68ms
52ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/ye/mp/borax_29549_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 07b1944cfd7c142b270f79cda1982004c30b22644c44d3829b6d93f20170a363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 10412
cdn-edgestorageid: 940
x-bo-processingtime: 0
cdn-cachedat: 07/30/2023 20:44:40
cdn-pullzone: 113777
content-length: 10062
x-bo-server: LA-242
last-modified: Sun, 30 Jul 2023 20:44:39 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 77
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 3.36%
cdn-requestid: 065fdf0f3c67398905998e514b4e378c
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 selagem-capilar-caseira_57255_m.webp
static.tuasaude.com/media/article/jc/ol/ 9 KB
9 KB 69ms
53ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/jc/ol/selagem-capilar-caseira_57255_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: bc71c25d3510fdda2060d656ec8f5704d23f33fe9b89f280ad089c366ac18c64

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 9018
cdn-edgestorageid: 1070
x-bo-processingtime: 0
cdn-cachedat: 08/07/2023 09:34:14
cdn-pullzone: 113777
content-length: 8726
x-bo-server: LA-244
last-modified: Mon, 07 Aug 2023 09:34:14 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 72
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 3.24%
cdn-requestid: 432a5c4066fe3957a4bb8ccad18121bf
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 constelacao-familiar_36136_m.webp
static.tuasaude.com/media/article/yi/wd/ 12 KB
12 KB 82ms
67ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/yi/wd/constelacao-familiar_36136_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 14c12c05c03cb1dfed9de4ee40310b53d7619550e0c72f0d8cec64332d026e20

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 12596
cdn-edgestorageid: 871
x-bo-processingtime: 1
cdn-cachedat: 08/17/2023 09:30:41
cdn-pullzone: 113777
content-length: 12124
x-bo-server: LA-241
last-modified: Thu, 17 Aug 2023 09:30:41 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 0
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 3.75%
cdn-requestid: 40ef78b54bcb872e7be256993d386cff
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 649c51b22aa0b.jpg
static.tuasaude.com/media/theme/hj/hs/ 61 KB
61 KB 70ms
55ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/theme/hj/hs/649c51b22aa0b.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 1529d917385280ebaaaf0aef7aa493cefbec92595b82d26d14284000a4b72275

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 387600
cdn-edgestorageid: 1067
x-bo-processingtime: 8
cdn-cachedat: 08/17/2023 09:30:41
cdn-pullzone: 113777
content-length: 61958
x-bo-server: LA-237
last-modified: Thu, 17 Aug 2023 09:30:41 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 82
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 84.01%
cdn-requestid: 2318127d1e6316778e63426016e14ecb
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6494658ed3ce9.jpg
static.tuasaude.com/media/theme/yl/dh/ 21 KB
21 KB 83ms
68ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/theme/yl/dh/6494658ed3ce9.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 29e5f3a869e27ac814e94139625b9888dcc2159f51498939c8fc30246bff4852

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 161712
cdn-edgestorageid: 1029
x-bo-processingtime: 3
cdn-cachedat: 08/11/2023 03:06:00
cdn-pullzone: 113777
content-length: 21406
x-bo-server: LA-236
last-modified: Fri, 11 Aug 2023 03:06:00 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 72
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 86.76%
cdn-requestid: d4b28c2ed0c0c1b3a3ee3a7390fbf098
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6411ecfd06524.jpg
static.tuasaude.com/media/theme/jt/yc/ 6 KB
6 KB 86ms
71ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/theme/jt/yc/6411ecfd06524.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 8f9fcc643518fba97c44570485f196b7d717e87af76b6fb877ca071a9a923de8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 32920
cdn-edgestorageid: 940
x-bo-processingtime: 0
cdn-cachedat: 03/17/2023 10:00:30
cdn-pullzone: 113777
content-length: 5664
x-bo-server: LA-156
last-modified: Fri, 17 Mar 2023 10:00:30 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 71
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 82.79%
cdn-requestid: ac0e4f06b747a3da23ceeab923e6a824
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 649c528d5bd30.jpg
static.tuasaude.com/media/theme/mi/af/ 77 KB
77 KB 86ms
72ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/theme/mi/af/649c528d5bd30.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 01533d8ed25f4fb672920f1ceb9c8d52f268e84ca0d83793599540078c4e1cfc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 535107
cdn-edgestorageid: 1067
x-bo-processingtime: 13
cdn-cachedat: 06/28/2023 15:34:01
cdn-pullzone: 113777
content-length: 78764
x-bo-server: LA-242
last-modified: Wed, 28 Jun 2023 15:34:01 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 144
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 85.28%
cdn-requestid: 97fbe1d1dcee4ce12d7bac32042acc85
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 staphylococcus_32887_m.webp
static.tuasaude.com/media/article/dv/pt/ 11 KB
11 KB 86ms
72ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/dv/pt/staphylococcus_32887_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: b4a482b47a1fec24e541c78a0563a1f4dc9a8b6f51a99cbf5fa1d342a3347b54

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 11234
cdn-edgestorageid: 1070
x-bo-processingtime: 0
cdn-cachedat: 08/15/2023 11:49:07
cdn-pullzone: 113777
content-length: 10826
x-bo-server: LA-237
last-modified: Tue, 15 Aug 2023 11:49:07 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 73
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 3.63%
cdn-requestid: ecece318c03b577f562a78997079d0c2
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 streptococcus_31992_m.webp
static.tuasaude.com/media/article/tt/ii/ 10 KB
10 KB 110ms
96ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/tt/ii/streptococcus_31992_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: de063d1345f75bbeb28f7748652717e544899bf8e518de37cb55ed215b99f655

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 10030
cdn-edgestorageid: 894
x-bo-processingtime: 1
cdn-cachedat: 08/15/2023 17:37:17
cdn-pullzone: 113777
content-length: 9846
x-bo-server: LA-236
last-modified: Tue, 15 Aug 2023 17:37:17 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 70
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 1.83%
cdn-requestid: 3334f71f3991c70b22f1d1be63d07fb9
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 zimbro_3312_m.webp
static.tuasaude.com/media/article/da/jt/ 16 KB
17 KB 110ms
97ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/da/jt/zimbro_3312_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 9e271e920684f0a8dea5ccc561a4f832f0f78b554765fa224ef4318d286575db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 16878
cdn-edgestorageid: 894
x-bo-processingtime: 1
cdn-cachedat: 08/14/2023 14:03:21
cdn-pullzone: 113777
content-length: 16518
x-bo-server: LA-221
last-modified: Mon, 14 Aug 2023 14:03:21 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 76
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 2.13%
cdn-requestid: b56437df7787ab56d9b0a2b6db51ceba
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jejum-intermitente_37164_m.webp
static.tuasaude.com/media/article/tq/mk/ 8 KB
8 KB 108ms
95ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/tq/mk/jejum-intermitente_37164_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 604ab12d591fd7812876734842524006798a40a6b94d89f1a98ae36d37686ba0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 8658
cdn-edgestorageid: 845
x-bo-processingtime: 0
cdn-cachedat: 08/06/2023 00:11:49
cdn-pullzone: 113777
content-length: 8062
x-bo-server: LA-220
last-modified: Sun, 06 Aug 2023 00:11:49 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 70
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 6.88%
cdn-requestid: 05f8b0f3de6c6c7a471a103e7829e2bb
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 como-calcular-imc-infantil_4024_m.webp
static.tuasaude.com/media/article/p5/o4/ 14 KB
14 KB 104ms
90ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/p5/o4/como-calcular-imc-infantil_4024_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 36eca59a20fd826ca7e79c3a4c51de839b9e5b774b6f6662d6e2c53fb3b5b18f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 14500
cdn-edgestorageid: 1069
x-bo-processingtime: 1
cdn-cachedat: 08/12/2023 17:08:11
cdn-pullzone: 113777
content-length: 14024
x-bo-server: LA-242
last-modified: Sat, 12 Aug 2023 17:08:10 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 1039
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 3.28%
cdn-requestid: 2b9e8a535bac53b41616f8121fc857b3
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 exame-anti-hbs_32670_m.webp
static.tuasaude.com/media/article/xe/hm/ 6 KB
7 KB 104ms
91ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/article/xe/hm/exame-anti-hbs_32670_m.webp
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: df4f0103675c7dde283c9e092a04991b2f332a17f49544c5012af3c8a49d5444

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 6600
cdn-edgestorageid: 1069
x-bo-processingtime: 0
cdn-cachedat: 08/17/2023 09:30:20
cdn-pullzone: 113777
content-length: 6418
x-bo-server: LA-237
last-modified: Thu, 17 Aug 2023 09:30:20 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 71
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 2.76%
cdn-requestid: fd8554d457edab0b1d0fef97daa76f44
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 original.png
static.tuasaude.com/media/topic_subject_element/bt/nt/64a302d239fe4/ 24 KB
24 KB 99ms
92ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/bt/nt/64a302d239fe4/original.png
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 493c7bc338f642d266da8a7689872450f4d312f8230855530f6eeb8b4c6a02b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 69584
cdn-edgestorageid: 1069
x-bo-processingtime: 7
cdn-cachedat: 08/17/2023 09:30:20
cdn-pullzone: 113777
content-length: 24306
x-bo-server: LA-221
last-modified: Thu, 17 Aug 2023 09:30:20 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 71
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 65.07%
cdn-requestid: b042283db99b2402dd2e5fb013df235f
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 l.jpg
static.tuasaude.com/media/topic_subject_element/hx/qf/63b3081f5446e/ 36 KB
37 KB 99ms
92ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/hx/qf/63b3081f5446e/l.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 7985d75dbaeedfa0494d934b3d3754602e5b2c345d2a68c0dc680cc974a61029

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 157863
cdn-edgestorageid: 1067
x-bo-processingtime: 8
cdn-cachedat: 03/17/2023 10:03:49
cdn-pullzone: 113777
content-length: 37086
x-bo-server: LA-121
last-modified: Fri, 17 Mar 2023 10:03:49 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 75
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 76.51%
cdn-requestid: 68aa8f71d55a06c3bdb1658354704a9f
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 l.jpg
static.tuasaude.com/media/topic_subject_element/dl/ye/63f5e2eacfd8e/ 25 KB
26 KB 103ms
96ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/dl/ye/63f5e2eacfd8e/l.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 0ea5d5b963a524c63f0060d4481921b45a93f73fd826f58d4cbefb3740f3a02f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 129015
cdn-edgestorageid: 1029
x-bo-processingtime: 5
cdn-cachedat: 07/23/2023 12:30:19
cdn-pullzone: 113777
content-length: 25980
x-bo-server: LA-240
last-modified: Sun, 23 Jul 2023 12:30:19 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 75
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 79.86%
cdn-requestid: 315af3dcd60bfde27984d4ac6655a551
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 l.jpg
static.tuasaude.com/media/topic_subject_element/tu/ie/64c8ed5149e9b/ 36 KB
37 KB 100ms
94ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/tu/ie/64c8ed5149e9b/l.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 6ee04346ea6d6b67889969ec6ad3e62c3f0a3c6139417e3bd6fa40b15e63d46b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 166192
cdn-edgestorageid: 871
x-bo-processingtime: 77
cdn-cachedat: 08/01/2023 17:59:02
cdn-pullzone: 113777
content-length: 37370
x-bo-server: LA-237
last-modified: Tue, 01 Aug 2023 17:59:02 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 71
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 77.51%
cdn-requestid: 2f5eaa70c38fdcb8d12736be3ff7c388
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 l.jpg
static.tuasaude.com/media/topic_subject_element/up/hr/63be865ea692e/ 50 KB
50 KB 101ms
94ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/up/hr/63be865ea692e/l.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: c8ffd0483cb87037b735d0a28e75da79edcb55040c39936d5e62ef206e8da38e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 192414
cdn-edgestorageid: 845
x-bo-processingtime: 7
cdn-cachedat: 03/13/2023 10:21:18
cdn-pullzone: 113777
content-length: 51074
x-bo-server: LA-216
last-modified: Mon, 13 Mar 2023 10:21:18 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 77
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 73.46%
cdn-requestid: b57f27a20fdcc6e814dd162df8696bcf
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 l.jpg
static.tuasaude.com/media/topic_subject_element/bh/tl/64c8ed89844f9/ 31 KB
31 KB 99ms
93ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/bh/tl/64c8ed89844f9/l.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 72eca2dc8243007f7ecc2329b5a32a9a6c3dd1d18dbfa78069776f84d86bd810

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 143305
cdn-edgestorageid: 1067
x-bo-processingtime: 6
cdn-cachedat: 08/01/2023 11:33:31
cdn-pullzone: 113777
content-length: 31386
x-bo-server: LA-241
last-modified: Tue, 01 Aug 2023 11:33:31 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 282
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 78.1%
cdn-requestid: 0b19e3d4ed7f664588b50c7689118e66
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 l.jpg
static.tuasaude.com/media/topic_subject_element/dj/hu/64c8edb250f4b/ 37 KB
38 KB 101ms
95ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/dj/hu/64c8edb250f4b/l.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: e9a00a25b65067adc3188475b310d848aa3b84f67d0b309007d7249622e40070

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 166077
cdn-edgestorageid: 1070
x-bo-processingtime: 6
cdn-cachedat: 08/01/2023 11:34:11
cdn-pullzone: 113777
content-length: 38226
x-bo-server: LA-242
last-modified: Tue, 01 Aug 2023 11:34:11 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 84
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 76.98%
cdn-requestid: ac403ccfb8498ce0da785a78c0c16f9c
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 original.jpg
static.tuasaude.com/media/topic_subject_element/cj/dv/649eeaa7df526/ 41 KB
41 KB 101ms
95ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/cj/dv/649eeaa7df526/original.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 25788721fd0396ed6c4037d6031619f4516d0b7014f4a1d8ff87e72e831dba45

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 391564
cdn-edgestorageid: 1068
x-bo-processingtime: 9
cdn-cachedat: 07/27/2023 23:30:41
cdn-pullzone: 113777
content-length: 41870
x-bo-server: LA-220
last-modified: Thu, 27 Jul 2023 23:30:40 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 149
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 89.31%
cdn-requestid: 8698b9823fc78955174e99af3c1db21d
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 original.jpg
static.tuasaude.com/media/topic_subject_element/ro/zn/649eeab6146f5/ 43 KB
44 KB 102ms
96ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/ro/zn/649eeab6146f5/original.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 00e055020368816daf8c19674e3d5e109ea891718d2b2f833777ee3fdc90a338

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 602697
cdn-edgestorageid: 1029
x-bo-processingtime: 13
cdn-cachedat: 07/25/2023 04:30:40
cdn-pullzone: 113777
content-length: 44434
x-bo-server: LA-221
last-modified: Tue, 25 Jul 2023 04:30:39 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 212
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 92.63%
cdn-requestid: afa56ba6b2aec8d8f038d2e69f3cf883
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 101ms
27ms Script
application/javascript 3.160.5.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.5.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-5-91.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:03:15 GMT
content-encoding: gzip
via: 1.1 949219e108de746f94237ff81555dda2.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P4
age: 10204
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: kOgZDBU8irofK1SJqvrYoYNbjuHd-l6ugDibMfHjq7Gu7XzB7Aw9MQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 104ms
32ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 17 Aug 2023 13:53:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47245
x-xss-protection: 0
pragma: public
x-fb-debug: UVRkCP1iJH65heMHoJ01Q69+AjcLPvj0XmYpzjJa0Xk5H/xdWe9ujGU3ZYEz6qLXicrte/iqQEnMScaMEtcUrA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 136ms
25ms Script
text/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Aug 2023 12:37:29 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4549
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 17 Aug 2023 14:37:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
69 KB 189ms
80ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8S2MQM&l=crossDataLayer

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cee317e418c92c6cdbf79881a463e10015f3e894989f73bac8666f54b9ab34c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70160
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 13:53:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
68 KB 162ms
53ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8PXWDX&l=tsDataLayer

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a3b7614f8a49de9a8cf09a891ca3c24266de440df99ba0cd556ad3bacd544ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69006
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 13:53:18 GMT

GET
H2 200 original.jpg
static.tuasaude.com/media/topic_subject_element/zk/dz/649eeec9f09ac/ 20 KB
20 KB 71ms
69ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/zk/dz/649eeec9f09ac/original.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: ab19e1e82c5b7e2f4422425a85a1c371a3fd2eea9a63abc927c305fe8437f401

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 304129
cdn-edgestorageid: 871
x-bo-processingtime: 8
cdn-cachedat: 06/30/2023 15:05:16
cdn-pullzone: 113777
content-length: 20448
x-bo-server: LA-221
last-modified: Fri, 30 Jun 2023 15:05:16 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 73
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 93.28%
cdn-requestid: 9d89d3d1f4685f3a03cf735607b23a1f
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 original.jpg
static.tuasaude.com/media/topic_subject_element/yh/wp/649eead6584c3/ 36 KB
36 KB 72ms
70ms Image
image/webp 185.93.1.246
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tuasaude.com/media/topic_subject_element/yh/wp/649eead6584c3/original.jpg
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.246 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 185-93-1-246.bunnyinfra.net
Software: BunnyCDN-IL1-871 /
Resource Hash: 6243857a6ed9257f1dcc61d8e23653c363641d409bbe38af947f65d2271ad2f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
x-downloadsize: 526943
cdn-edgestorageid: 1029
x-bo-processingtime: 12
cdn-cachedat: 06/30/2023 14:47:15
cdn-pullzone: 113777
content-length: 36762
x-bo-server: LA-241
last-modified: Fri, 30 Jun 2023 14:47:14 GMT
server: BunnyCDN-IL1-871
cdn-proxyver: 1.03
cdn-requestpullcode: 200
x-bo-origindownloadtime: 423
content-type: image/webp
cdn-cache: HIT
cdn-uid: b190520a-8459-484f-95dd-26ba4984e846
cache-control: public, max-age=31919000
x-bo-compressionratio: 93.02%
cdn-requestid: 92b2d560c80ae3ba0310c880d748bc30
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 400 KB
127 KB 149ms
41ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 14:17:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84932
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129087
x-xss-protection: 0
server: cafe
etag: 2193028555055074692
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 15 Aug 2024 14:17:46 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 41ms
30ms XHR
text/plain 3.160.3.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tuasaude.com&pubid=fbd71602-861a-434f-bce7-5c91ff7aeff8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-3-135.cmh68.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 10:24:18 GMT
via: 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CMH68-P4
age: 12539
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.tuasaude.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: E2EAi0EKAvQofUC4EQwpzxZO1kK9YKfJyeCXsnA12MshTi4FUDcg-Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 86ms
27ms XHR
application/javascript 3.160.3.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-3-135.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 4b1f2d5e8ba06f891aac0914bfcf0ce0.cloudfront.net (CloudFront)
date: Thu, 17 Aug 2023 08:59:10 GMT
x-amz-cf-pop: CMH68-P4
age: 17679
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: p3eb965C9Cc6V8hY5a_mS22-bHvmYCIKa6cKWlRbvoIXeExm9qXAfQ==

GET
H2 200 162861800730320 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 35ms
34ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/162861800730320?v=2.9.123&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

cbdb100b2b63bc5934671a532e1483b44eb101ad62ac929b9a8f8e4171dbc3e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 17 Aug 2023 13:53:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89609
x-xss-protection: 0
pragma: public
x-fb-debug: WRYystpTsW+dMkCmebQPXY4sfyvDGUG9y5iYmWDmriDGQSeMkFPVIuidKo658VeVpHT39UsUshx/lDHLR4rn3Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 122 KB
48 KB 64ms
61ms Script
application/javascript 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KBJZXMC&cid=1986060028.1692280399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

172ab34e35e09c3a71e078a7fc6cfa491f3ca0a54e112cf2adcf2f60aa4b33e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48698
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 13:53:18 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 140ms
40ms Script
application/javascript 146.75.28.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.84 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4390638e76d0b4b63b9c290db13a9ad38a82736135af43e86ee154491ccd2cd4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
x-cdn: fastly
etag: "7dab9fb913eecdc09be06c97ce01ae2a"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1471

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
89 KB 67ms
56ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8PXWDX&l=tsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bb465714514141b016e740899b28d7e3388c0ee64cee29a62bae8f108ad99883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90943
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 13:53:18 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 107ms
33ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=162861800730320&ev=PageView&dl=https%3A%2F%2Fwww.tuasaude.com%2F&rl=&if=false&ts=1692280398682&sw=1600&sh=1200&v=2.9.123&r=stable&ec=0&o=30&fbp=fb.1.1692280398679.882874710&it=1692280398525&coo=false&rqm=GET

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 17 Aug 2023 13:53:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 54ms
53ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KMLKQF5N2B&l=crossDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8S2MQM&l=crossDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3bf71c8c06c39c0608605e2f0d6a8a186aa5e0ea305414a6fb748700f34351c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 17 Aug 2023 13:53:18 GMT

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22fbd71602-861a-434f-bce7-5c91ff7aeff8%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
417 B 185ms
42ms Fetch
image/gif 108.156.180.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%22fbd71602-861a-434f-bce7-5c91ff7aeff8%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.tuasaude.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.180.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-180-227.cmh68.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:18 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 74fa88947236efdd15ba1f4510868e00.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CMH68-P2
x-amz-rid: QHNQFKK6JAS3F8JFNZBH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 9700auEsSCOtCpSCPtw1itDyJCV5dvEyHBZrzfIFX7xo84zEZ8IsTw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 654 B
1 KB 259ms
138ms XHR
text/javascript 108.156.180.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tuasaude.com%2F&pid=FUtfZsA3xiKmp&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22divGptAd_ts_sticky_footer_mobile%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F92076944%2FTS-STICKY-FOOTER-MOBILE%22%7D%2C%7B%22sd%22%3A%22divGptAd_ts_sticky_footer_desktop%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F92076944%2FTS-STICKY-FOOTER-DESKTOP%22%7D%5D&pubid=fbd71602-861a-434f-bce7-5c91ff7aeff8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.180.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-180-227.cmh68.r.cloudfront.net

Software

Server /

Resource Hash

58fb35fca80008dfe77445b0d7c287c4b6ee424077461763cc2ad94b9ff4e485

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fa84a65a8524de3d36ea32628a227200.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CMH68-P2
x-amz-rid: J7WJWZKJ55B3VGQ19TW2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tuasaude.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 654
x-amz-cf-id: MsSKW1Or7XTX8qslRaqKx1mcPDG-js9_LWPqJbniB0clQce2_E0mFw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 66ms
17ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:53:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9181
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4536-YYZ
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 105ms
30ms Script
text/javascript 3.160.22.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.22.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-22-127.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:35:10 GMT
content-encoding: gzip
via: 1.1 47214a5a56c101a011a23591db3cc7d8.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P3
age: 8289
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7Anb7nmnfY-RzcK2pgS-iLhzpO6dNo8dv0cBUAtsduI4u8t0sdK-XA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 132ms
26ms Script
text/javascript 3.160.4.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.4.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-4-198.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 17 Aug 2023 03:14:57 GMT
Via: 1.1 e826e01cc4bc0a413496d51238909c7a.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: CMH68-P4
Age: 38302
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: Y3IfCnQJbNbE7aPA87LR78Fz5G7-3c33quGfP1DCnGqTL7lzwj244Q==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 66ms
19ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:41:04 GMT
content-encoding: gzip
age: 1714334
x-guploader-uploadid: ADPycdvDvZe0Z01jCdHT5Ecf289gk-a53knvKZbHffJXvAwkZSFzklBw6kQIW_HDwuJvNMt9v7xv5p8DSdxbFR7DbWj_RQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 27 Jul 2024 17:41:04 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 48ms
47ms XHR
text/plain 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1305701531&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuasaude.com%2F&ul=en-us&de=UTF-8&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAACAAI~&jid=1961146843&gjid=495934225&cid=1986060028.1692280399&tid=UA-10615049-1&_gid=1979998053.1692280399&_r=1&_slc=1&cd2=harmony&cd18=pt&z=1729917420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuasaude.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
46ms XHR
text/plain 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1305701531&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuasaude.com%2F&ul=en-us&de=UTF-8&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAACAAI~&jid=304163835&gjid=923075205&cid=1986060028.1692280399&tid=UA-130025901-22&_gid=1979998053.1692280399&_r=1&_slc=1&gtm=45He3890n81N8S2MQM&z=811077431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuasaude.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.04e94784.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 48ms
39ms Script
application/javascript 146.75.28.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.04e94784.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.84 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd386afa44d059e6ca715a93b137ed3f3129d0256ee732ce7f7379646daebd87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:18 GMT
content-encoding: br
x-cdn: fastly
etag: "8bc4eba10054ba07ad4e64b48e81a0a8"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18136

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 123ms
51ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VJN3X16J7Y&gtm=45je3890h1&_p=1305701531&_gaz=1&cid=1986060028.1692280399&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692280398&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 122ms
45ms Ping
text/plain 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VJN3X16J7Y&cid=1986060028.1692280399&gtm=45je3890h1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 138ms
58ms Image
image/gif 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VJN3X16J7Y&cid=1986060028.1692280399&gtm=45je3890h1&aip=1&z=721639502

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 48ms
47ms Ping
text/plain 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KMLKQF5N2B&gtm=45je3890&_p=1305701531&cid=1986060028.1692280399&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692280398&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KMLKQF5N2B&l=crossDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 79ms
45ms XHR
text/plain 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10615049-1&cid=1986060028.1692280399&jid=1961146843&gjid=495934225&_gid=1979998053.1692280399&_u=aGBAAEACQAAAACAAI~&z=142170050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuasaude.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:53:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 75ms
43ms XHR
text/plain 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-130025901-22&cid=1986060028.1692280399&jid=304163835&gjid=923075205&_gid=1979998053.1692280399&_u=aGDACEADRAAAACAAI~&z=1646058382

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuasaude.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 17 Aug 2023 13:53:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tuasaude.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tuasaude.com%2F&rid=esp&cc=1

85 B
203 B

41ms
40ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tuasaude.com%2F&rid=esp&cc=1
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: afb77f4c1a3d09ea04de1ed0df738933c9a34c74cc59f8a93b0cf1819ba1101b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:19 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-jH1n0ohNAC1SdDc3VJI+9F+91rQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuasaude.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 17 Aug 2023 13:53:19 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.tuasaude.com
location: /esp?url=https%3A%2F%2Fwww.tuasaude.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
ct.pinterest.com/user/ 563 B
647 B 99ms
49ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613542178268&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1692280399046&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.04e94784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b08f1a92f3dd85b04971507ee42f1288c969e56eaead2ae44c7b27781a864676

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:19 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
x-pinterest-rid: 2144070467568121
content-length: 385
pin-unauth: dWlkPU1XUTVaRFV3WmpVdE9XRmhZUzAwWkRReUxXSXpaRFl0T1dKbFpUUmhPVGc1Tnpoaw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuasaude.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 79d57f36d3957ccf0650d19a3e0f06300511b3b8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 563 B
502 B 152ms
103ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2613542178268&cb=1692280399048&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.04e94784.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b08f1a92f3dd85b04971507ee42f1288c969e56eaead2ae44c7b27781a864676

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:19 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 7816436921934429
content-length: 385
pin-unauth: dWlkPU5EWXpZV05qT1dJdE1tWTRZaTAwTkRSa0xXRXlPREV0WlRObFpHTTJaVE5sTTJNNA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tuasaude.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 79d57f36d3957ccf0650d19a3e0f06300511b3b8
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
615 B 174ms
49ms XHR
application/json 54.85.119.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.119.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-119-254.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 32b5acd970997b2e889381b4876e35a181d23195f6f74255d1cb4f0ee9daab3e

Request headers

Referer: https://www.tuasaude.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache
x-server: 10.40.32.98
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
290 B 79ms
43ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613542178268&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.tuasaude.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2204e94784%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1692280399061
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: db7f3ac0d0fce503cf2f62731daa92ee2639d924
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8073867900741279
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame E238
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t

350 B
1 KB

59ms
59ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

cfeb11f2c5cdcbc93110dbc3f5856d1046c2e5291fd5f9944882fb06e33f484d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.tuasaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 350
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 17 Aug 2023 13:53:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 9PR9KTVBHQA9A9ZKHB04

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 17 Aug 2023 13:53:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: EVCBPZM86PAT3M25B87C

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 121ms
48ms Image
image/gif 142.251.40.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10615049-1&cid=1986060028.1692280399&jid=1961146843&_u=aGBAAEACQAAAACAAI~&z=1742767587

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.100 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 53ms
51ms Image
image/gif 172.217.13.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10615049-1&cid=1986060028.1692280399&jid=1961146843&_u=aGBAAEACQAAAACAAI~&z=1742767587

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 407ms
406ms XHR
text/plain 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=196577844420247&correlator=602317184628074&eid=31076399%2C31076475&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fif&iu_parts=92076944%2CTS-STICKY-FOOTER-DESKTOP&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=1&didk=626756903&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692280399108&lmt=1692305599&adxs=315&adys=1098&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.tuasaude.com%2F&frm=20&vis=1&psz=1600x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1986060028.1692280399&ga_sid=1692280399&ga_hid=1305701531&ga_fc=true&dlt=1692280397949&idt=786&prev_scp=amp%3Dno%26mature%3Dno%26language%3Dpt%26layout%3Dharmony%26acordo%3Drede-dor-insite%26amzniid%3DJCU23UB3leMlfNtgHrNQDU0AAAGKA8WktQEAAAJYAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCz12pK%26amznp%3D2qkvsw%26amznsz%3D970x90%26amznbid%3Ddf591c&cust_params=amznbid%3D0%26amznp%3D0&adks=826003740

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d4a3775261cecd3ce2a1710b67345a03c617b29439922218f3e2f6b04257ee99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F2A 6 KB
3 KB 133ms
48ms Document
text/html 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuasaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 13:53:19 GMT
expires: Fri, 16 Aug 2024 13:53:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8E55 594 B
814 B 73ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2ac9b70a877b36a972be63e6ef4232da073fc2a9487b37453c704fe10129ab9a

Request headers

Referer: https://www.tuasaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 387
content-type: text/html
date: Thu, 17 Aug 2023 13:53:19 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 / Show response
www.facebook.com/tr/ Frame FA67 0
73 B 35ms
34ms Document
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.tuasaude.com
Referer: https://www.tuasaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.tuasaude.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 13:53:19 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
329 B 42ms
42ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2613542178268&cb=1692280399211&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU1XUTVaRFV3WmpVdE9XRmhZUzAwWkRReUxXSXpaRFl0T1dKbFpUUmhPVGc1Tnpoaw%22%2C%22aem_ge%22%3A%2262c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a%22%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.tuasaude.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2204e94784%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: www.tuasaude.com
URL: https://www.tuasaude.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: db7f3ac0d0fce503cf2f62731daa92ee2639d924
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1656634152637276
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6305d261-1dc2-ea69-d6b8-346368ad1b73
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8E55 43 B
602 B 120ms
41ms Image
image/gif 44.210.181.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/6305d261-1dc2-ea69-d6b8-346368ad1b73?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.210.181.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-181-70.compute-1.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 8E55 43 B
855 B 104ms
44ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=af14c858-91c4-c3da-2761-a001ffc91dda

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SH9B8BR4K4HB86PQA341
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8E55
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&ttd_puid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0&gdpr_consent=

43 B
323 B

28ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&ttd_puid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&ttd_puid=f7c2b425-8d6e-7820-e76f-229697fad63a&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8E55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJhZDY3ZWYtNDQxOS0yNjg0LWYyOGYtNzgyZjVkMTgxODVh
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJhZDY3ZWYtNDQxOS0yNjg0LWYyOGYtNzgyZjVkMTgxODVh&google_tc=

170 B
243 B

56ms
55ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJhZDY3ZWYtNDQxOS0yNjg0LWYyOGYtNzgyZjVkMTgxODVh&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGJhZDY3ZWYtNDQxOS0yNjg0LWYyOGYtNzgyZjVkMTgxODVh&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8E55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArfCjx80cERmatrlXzbeGQ&google_cver=1

43 B
106 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArfCjx80cERmatrlXzbeGQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArfCjx80cERmatrlXzbeGQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 0424 2 KB
3 KB 48ms
48ms Document
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

9a641f806d420468edaccc03b974dab6b8430221078ebec02713a8098e5d68f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2517
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 17 Aug 2023 13:53:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 2A49QP2P1A2EXH0NRF9K

GET
H2 200 container.html Show response
5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B6E6 6 KB
3 KB 36ms
26ms Document
text/html 172.217.13.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tuasaude.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 13:53:19 GMT
expires: Fri, 16 Aug 2024 13:53:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 49ms
48ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VJN3X16J7Y&gtm=45je3890h1&_p=1305701531&cid=1986060028.1692280399&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692280398&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=calculator-shown&ep.widgetCode=bmi-calculator&_et=401
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0424
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://s.ad.smaato.net/c/?adExInit=aps&cookieCheck=1
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a89a0ecee3&gdpr=0&gdpr_consent=

43 B
855 B

86ms
46ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a89a0ecee3&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BJE6ZNWB8GVDY5N52A3W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 17 Aug 2023 13:53:08 GMT
via: 1.1 0e3c225d58500145a5360bc7903299fe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CMH68-P4
age: 12
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a89a0ecee3&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: n047UsFHyfkAYyEwBoVij81mJ6DnIgL0HJ1gS5NSK3ykT9vOLjzNWg==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0424
Redirect Chain

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
https://s.amazon-adsystem.com/ecm3?id=96266468B6874716B7CCBE5D097794E5&ex=simpli.fi&status=ok

43 B
479 B

46ms
44ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=96266468B6874716B7CCBE5D097794E5&ex=simpli.fi&status=ok

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WSRJCASEY2RQ6Z0YCX59
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 17 Aug 2023 13:53:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?id=96266468B6874716B7CCBE5D097794E5&ex=simpli.fi&status=ok
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 16 Aug 2023 13:53:20 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0424
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3352820005669622000V10

43 B
479 B

91ms
43ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3352820005669622000V10

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EM2N2KXNNSSPA2M7GBJW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3352820005669622000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 17 Aug 2023 13:53:20 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0424
Redirect Chain

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
https://sync.outbrain.com/sync-external?uid=6sJmOAMVRLuwuj8PWqIi&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63...
https://creativecdn.com/cm-notify?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NE...
https://creativecdn.com/cm-notify?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NE...
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nCFcoabTzcUmYnBA9BFi&obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Famazon_tam%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNF...
https://b1sync.zemanta.com/usersync/amazon_tam/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZUWIPJWONFG2T2BJVLFETDVO52WUOCQK5YUS2I
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=6sJmOAMVRLuwuj8PWqIi

43 B
479 B

48ms
48ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=6sJmOAMVRLuwuj8PWqIi

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MK56B8TSV2FCNEKJWFRG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=6sJmOAMVRLuwuj8PWqIi
Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 101
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
3 KB

33ms
30ms

Document
text/html

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 5dc16533b6e87e12fa4d6e38f3ebb109b00e449bd1f1a7411167ffce0dd98d64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1868
Content-Type: text/html
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F907 15 KB
6 KB 157ms
31ms Document
text/html 23.41.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=82468
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 17 Aug 2023 13:53:20 GMT
expires: Fri, 18 Aug 2023 12:47:48 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2659 281 B
554 B 162ms
30ms Document
text/html 23.41.170.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-170-143.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Aug 2023 13:53:20 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 052A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS03X3o0a1NwRTJ1SmwyWVRPYVZQOGNpeUtiTkFtanNSdn5B

43 B
479 B

44ms
43ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS03X3o0a1NwRTJ1SmwyWVRPYVZQOGNpeUtiTkFtanNSdn5B

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 0T50PMYSZVYC2GXAA7S8

Redirect headers

age: 0
content-length: 0
date: Thu, 17 Aug 2023 13:53:20 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS03X3o0a1NwRTJ1SmwyWVRPYVZQOGNpeUtiTkFtanNSdn5B
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 3A4E 729 B
774 B 44ms
37ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a722186333971d2ca80d257322e8ca361b5252286a9ec3ea87184875b3eb66c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 460
content-type: text/html
date: Thu, 17 Aug 2023 13:53:20 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 2641
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=240977721975030030&gdpr=0&gdpr_consent=

43 B
479 B

87ms
50ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=240977721975030030&gdpr=0&gdpr_consent=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: TRC1WRBACCM7DXNXBPDP

Redirect headers

content-length: 0
date: Thu, 17 Aug 2023 13:53:20 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=240977721975030030&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

amazon Show response
ce.lijit.com/beacon/ Frame 168D
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

1 KB
1 KB

40ms
39ms

Document
text/html

23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_pm-db5_n-simpli.fi_rbd_n-vmg_n-MediaNet_ox-db5_smrt_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b12dfd63bf77812e593aca71a50ace9447340eddc9b52c6bbfa6e916fea7af9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding: gzip
Content-Length: 501
Content-Type: text/html
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Vary: Accept-Encoding, User-Agent
X-Sovrn-Pod: ad_ap2ewr1

Redirect headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 0
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Location: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap2ewr1

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E1D0 624 B
689 B 157ms
52ms Document
text/html 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEY68qv4AEwAQ&v=APEucNXFwlxNj57C0Hue3wviBL2ZZWM0uJe5c1WtTnjG-Ar7P2P_tgcogHNETVH3l_xdVraiT3eDcXU_-YD5hTxJl5ElS4q7wQ

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 13:53:20 GMT
expires: Thu, 17 Aug 2023 13:53:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C280 86 KB
30 KB 180ms
75ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:53:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame C280 3 KB
1 KB 136ms
30ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:14:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame C280 20 KB
8 KB 130ms
25ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:14:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C280 180 KB
57 KB 60ms
58ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:53:20 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C280 42 B
401 B 154ms
50ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bn3yxMUFL73yOgMLUiBQCt3gpMaEpYn_dgf7YfBEYqx2kkqicc7o6v-kxcBKxABh9erQKtmPkkLeIjs6fDjqYNjv78PddBr1dhdDir3qT9chhcyno

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C280 0
58 B 154ms
51ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1958645159533580464&x=1&ct=76

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 3A4E 43 B
479 B 49ms
48ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=af14c858-91c4-c3da-2761-a001ffc91dda

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W91VBA25GH3YZRVZZ0HM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58294/ Frame 3A4E 0
398 B 96ms
38ms Image
text/plain 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d90637ac-5504-4269-b448-e39c00592253

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

458249.gif
idsync.rlcdn.com/ Frame 3A4E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
https://id.rlcdn.com/464246.gif?partner_uid=a204cb43-4029-4e40-b816-a265ae61b7e2
https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokYTIwNGNiNDMtNDAyOS00ZTQwLWI4MTYtYTI2NWFlNjFiN2UyEAAaDQjQzPimBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=b8d03b0da7978053549b80bbb868af28f201b0461a3aaff5f899349886b2bcf4791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiOGQwM2IwZGE3OTc4MDUzNTQ5YjgwYmJiODY4YWYyOGYyMDFiMDQ2MWEzYWFmZjVmODk5MzQ5ODg2YjJiY2Y0NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiOGQwM2IwZGE3OTc4MDUzNTQ5YjgwYmJiODY4YWYyOGYyMDFiMDQ2MWEzYWFmZjVmODk5MzQ5ODg2YjJiY2Y0NzkxNDI2YjU0MTdkY2UyMRAAGgwI0cz4pgYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=b43145ed-51da-4ba3-a2c4-e5dbd287b8da

42 B
318 B

42ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=b43145ed-51da-4ba3-a2c4-e5dbd287b8da
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:22 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=b43145ed-51da-4ba3-a2c4-e5dbd287b8da
date: Thu, 17 Aug 2023 13:53:22 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3A4E
Redirect Chain

https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://us-u.openx.net/w/1.0/sd?id=537072399&val=5341192838680318770

43 B
61 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072399&val=5341192838680318770
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
an-x-request-uuid: f718b24e-002e-4b69-8d86-894014f79f2b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://us-u.openx.net/w/1.0/sd?id=537072399&val=5341192838680318770
x-proxy-origin: 37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3A4E
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3A4E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZN4mUAAAAyOoQAA4
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN4mUAAAAyOoQAA4&_test=ZN4mUAAAAyOoQAA4

43 B
61 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN4mUAAAAyOoQAA4&_test=ZN4mUAAAAyOoQAA4
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-yyz4528-YYZ
pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1692280400.362698,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN4mUAAAAyOoQAA4&_test=ZN4mUAAAAyOoQAA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F907 2 KB
2 KB 366ms
33ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69854670&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ef580230ce46fc99487cf3666eda8dfd4f181fe8b3e456670ec61985c6c258ce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 17 Aug 2023 13:53:20 GMT
content-length: 1736
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2659 34 KB
10 KB 34ms
32ms Script
text/html 23.41.170.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.170.143 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-170-143.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 13:53:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Aug 2023 04:13:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51582
Connection: keep-alive
Content-Length: 10116
Expires: Fri, 18 Aug 2023 04:13:02 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 291D 43 B
855 B 60ms
46ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN4mUE1VLSPQLpRKbP4jNQAAAIYAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: P2Y034P967F00MHA84K0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN4mUE1VLSPQLpRKbP4jNQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1

43 B
631 B

34ms
33ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&expiration=1694872400&gdpr=0&gdpr_consent=

43 B
631 B

256ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&expiration=1694872400&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&expiration=1694872400&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN4mUE1VLSPQLpRKbP4jNQAAAIYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHeMi9hh5g2WX3HSDlqDgp0&google_cver=1

43 B
764 B

29ms
29ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHeMi9hh5g2WX3HSDlqDgp0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHeMi9hh5g2WX3HSDlqDgp0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=zvzzWuOs1QwDre5

43 B
631 B

29ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=zvzzWuOs1QwDre5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-004b803653beae686@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=zvzzWuOs1QwDre5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 291D
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=640805bc-f8ab-43b6-b670-b1317108d2ec&ssp=index&expires=30&user_group=5&bsw_param=a14903c2-feaa-429f-a0b3-951cd5b52eda
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent=&us_privacy=

43 B
631 B

102ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a14903c2-feaa-429f-a0b3-951cd5b52eda&gdpr=&gdpr_consent=&us_privacy=
Date: Thu, 17 Aug 2023 13:53:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://ums.acuityplatform.com/tum?umid=8
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=815026752044

43 B
631 B

28ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=815026752044
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=815026752044
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 291D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107181795025

43 B
631 B

28ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107181795025
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:21 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 393
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662107181795025
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f82671d7ae15425-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 291D 43 B
479 B 88ms
45ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZN4mUE1VLSPQLpRKbP4jNQAAAIYAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1D3AXFSB32ZNCYN68HM5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E1D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1

43 B
631 B

217ms
34ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEY68qv4AEwAQ&v=APEucNXFwlxNj57C0Hue3wviBL2ZZWM0uJe5c1WtTnjG-Ar7P2P_tgcogHNETVH3l_xdVraiT3eDcXU_-YD5hTxJl5ElS4q7wQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E1D0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN4mUE1VLSPQLpRKbP4jNQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1

43 B
631 B

61ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEY68qv4AEwAQ&v=APEucNXFwlxNj57C0Hue3wviBL2ZZWM0uJe5c1WtTnjG-Ar7P2P_tgcogHNETVH3l_xdVraiT3eDcXU_-YD5hTxJl5ElS4q7wQ
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIIWnkeR86YfUqwGsUk6d3E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E1D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBySxRT9H6tpJMJUpdY2Vlk&google_cver=1

43 B
841 B

51ms
50ms

Image
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBySxRT9H6tpJMJUpdY2Vlk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-l9gIQ5dj98gEY68qv4AEwAQ&v=APEucNXFwlxNj57C0Hue3wviBL2ZZWM0uJe5c1WtTnjG-Ar7P2P_tgcogHNETVH3l_xdVraiT3eDcXU_-YD5hTxJl5ElS4q7wQ

Protocol

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
an-x-request-uuid: 6b4d26fc-4b6d-47dc-9361-349b502790cb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBySxRT9H6tpJMJUpdY2Vlk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1D0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MTE5MjgzODY4MDMxODc3MA%3D%3D

170 B
188 B

53ms
52ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MTE5MjgzODY4MDMxODc3MA%3D%3D

Requested by

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
an-x-request-uuid: 1d227481-e7db-40bf-b52b-ad4d151f7484
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM0MTE5MjgzODY4MDMxODc3MA%3D%3D
x-proxy-origin: 37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2659 284 B
922 B 165ms
49ms Image
image/jpg 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C280 0
56 B 55ms
54ms Ping
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6292916599863&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C280 0
56 B 58ms
58ms Ping
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6292916599863&version=m202307240101&ct=76&x=1&cor=1958645159533580500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C280 89 KB
37 KB 94ms
93ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoJSdwvsJnTKYV4x906yKdl2JLbOh6fwbt4RdfHAvtWKFgwrEazuZfJvNqHFn-Z5ecg01HTO1ICfv_PRGzZDlAi044CA&cry=1&dbm_d=AKAmf-DU1ITdE4Cy1xD_jsM-ckNkYSxNqYJiyO4btvDnVwXSadJTY116XN5U8w94hM3suiIP-tFsfEVZ4UhCwLnfaCEFUugeQblo8P9GTJpuVulEynKjS1IPa_MfGvzjsULAVrxBQQ401mFP09RXElj4WqOBAkqU-3G7a9Fch8IPITBOT76nPdUEbAQBn-G4gEqHHznN52meJVM71Qi1l1dmcCWcaFTK-qt6H5RPAOz0onxqXpKb1cJM7MDBWd1e_09cyw7-5pXkTxAvJRU-JtK1PGgA1R_0Y15pDe_4dFUEs4fuFYo7cxHpmUcklL8_YL2hxG6Co5azC9xjpBPLc5BysXcljiW_Py4ZVbGRq5PJ7xh8Hj0zGSVQBUGUMyAADnRc27YlaOlc93_Kc6VEpE2nYs5xpKe4mUAAcDbpJ0uEIJ-msdQ7Afu0N_GSyEEeZ_z3u0s1gekYApyt6U1a2pZhreP6xBx1aaKTwi4VgufCpnTTISkUZbwhPaqbCK10g7BAudAnd_S_5HQvDAQHuDGpW24AHYuuzfU77AurdG4aVbiMHx7vG4WQe5287VtSc9u5kliz0OjAABLtvz7yFif7h-boqxH1kz4rRybsLDb18JK03DPt6Fart59CLmRnC1gnA6iZVvVzZZZzor8qGqPLD8DROLPktemdzP9bHA4pDHQKTpNez7dTujU6nW4obwmER3RED8B3mvazhBSAdTntliAxCRLlNed5273IqHDYGW_bpcV9J0v0nd6fw6pYtkNxeb_3VeP2NqgRtVGdSPrbAGkXqKe90D5_msTwJ4nfoVnMz5eqQGPJf2b1Mi9TW4up-aQi1mNd2GpGNwtrrHq4ApW9wdZpJiTDy6yXiOeCIJzHyq70dLDAFzRvfDQudc1LRAr7JDWrTwHYN7OLJatVgOnmPswD7AlGLAFlyNGg42FPug8kJcQKwulAaAFw4J2rtYQpw7WuKsJ1pBfHBkHY01WUaKVR54dASylxQBsa8sKTST09a8M1eLr92oWUR8pShBm64vFmK8mZ9sHpBqQnVZNbmqVpSumYlVkGNYTWZjUbZIJ3j8TiG8pqrzvP9XEwcln--TuRtmNWhLwCtIRIQnI67GVLt_8mt4s4KaPuWiiXFNuYbF1ZUwhhvh1u-Xjqd7RUapYA4fqkSljYBh2vENYDU-GVwn-kXBKAag7tedsR4bt9TzSOuvZvu-rhXGnfU3b-PUFIW9D_b6h2zQYC1SXBdkM_yhkZTLM8Dw5CcNBTPaieUG7UQlBvIgqr1qN6aTJzlUGMVqEQ2PAowsXNfpJrNEB80F4RmzHp797wHIDONYFnazte-IeTUilo9LmDULo9mV4I0Kg0wmkQ8PqVlYdJilpCLQqzi-UD7Aoi2crdjII-XQKV3U_jI-hsW4JZg_FTpBZIJcK_iaBsUcCgry-TcXKs7sWa2o27MRk1J6LUODdWGB23ri5JTvmgdq7fsqEMc673Pa_HP0LFB4JPfvsm4Q3JhRNm6qj-TyrvAPAM5j9Rt4Pppp-m-zdk7FDsuAfSHQxvaOicw8WCzWDvSN6T2E-QbpKtqDDWaZg3sq3bao-p2k-c14gZuZkDBYkwpBoe16I6ael3zElPEM6y9OGKOLQ-WLKN30bf2L3C5HCeDqJN4XK4DZF24k8z4ZvdHW5eYWOJIiQtbfTEzREs4Qz9nNoASHy8mt1Cr81CrQnPFPH3TkPvu-fsW4dlvGKXhJMYt-rhL8AEYV8SGTEh7osdLbFNtH4UYW9PYNJ8SFxi0zMor9CvmqW-5GtLcpVpC_C5pQEDj7AMOJK9faPDV8bcys0M2T4EQsGGX39DF18kZEuFPd-DmPpVE7xZc5NA_u-9jVUH5Y-4SW9iTdSG-hgY5OO3Cq0YqRWCDaU-jc39aa0i9NzUPzKs-7c5OwAm7igyCJerD-HtjIB14HJqrFfN5tXJm8Ie4_f6dGSaGp8LVOyCHkPLnDEVHoxnVeYMs2eD06WTTzXpIaoKytu4r2tvsdPemZZ34EPB8cKo3enODEemrSKMQhgDC3hNvbxGg30sEGYwT5H5powLQTvFLXde6vfkehV0Mk53oGNV1reTQE3Yi48RfqSGxVnRtWfn31sZtlfiRFcvf65O7suOXDXAerGQSwIEY6Kam5TnVttV1NFoC2Fz2TG6noNY7WC53rZsQ-IrJCZcrqvx__IbaB2A5zYrXw5OumG3HJcQTcGL0YkGko5PdpQFv0zbzUS35yV2usUdYEIhWpL39b04bfqi4LFJQY3c7VrJoAahiYiNXN0JOzrr4y1pe0lU3z2BF_OmMu8UhWti40mH6Lr0L1K-gubMqOUu_xuEdaNKPiYrNka9nULuSopjEFPy9B6dZuW3u3l-NKcpreDj1YLlma7f0CoP468cxURlOtEDI6eeCdOuCG2GaicvklSKFkT6PjdI14HTFF_uVNfptiR6vBsEUNNe2j6cHPJRSpOExlPbzgh5B8AuvFcvwWUv1j49uHCcVgmKPFIelGEBPcNQ9zuTr5aVfukyfiKO8HrshfqgpjxkUwnnJrEGEJGbHkbd15YVauJEyGnG2-VzCPxFOee_CQ_dsVc_kQmViiSLKN7l8xfvwnU1WbsYEeFBMoLmCOX9i1dVzzVYG1c4R0zUM_CF3Y2WbsGdcl5kCnHE4YhaIlvX0i8I_cw5_2oBj6SB7fcJVog9RcGno8wihuyE0SzjJ2wgOh_J3m-tgESR6ZhGTVaOme1hBBrVbgXP_KDiMr5ICuxHQio3Mog_qMf1mp7Spo_I1zf9oHKOF5JVNBexLmOwUCpWywgJu12-pf9bdAyZSpzxsYvAMab8e0fU-GhS3HaOByOpry3He1mwBC1jpVmtXU1ZEDvLZaTp_SqYi9sFKwnI8TFiOMQ4q45JyzTOxxOA2KAdXpdBBdvvrNLVOmMi4HCdmrv0VZfqWnm_6nmNUjjlKJhY_wiero_QndUAX3QaS5p2T1CeADZR53jqV6QkhQXt0sU_Y5i3RqN3nLkG_Wn-y5F6zRfRE0slLx8J_so1LYEFdCEMN1ROTvi53VXZlMfmea16Qvdgi8RsCn_VzfCv4K-DfeCGqI_S1jThk8yTG5Fih-h78OIwuOMxDqsgoyX_22D5614xrmexi04MIRDbhJnsx_eTlP7xXrTb7_D_y8pqOXbnyX30e6LU8LJsmeXDtgS1eI3G19cKet3B8eAfYzXhCooHDiceHKK7153ZmKSz18dzBeQLo3-c1z_UHl5osETyPg3BftIr75Z3laaLNO_0KxexHu922jYUpecI9z88eE2_GV8-kDYvmuD0syyTfX_2VChJjdbJijlIBhf3dllGTBdx9C44P6DUrNpy2tN1DrtqckdfheOZ_DiBi-odYavFpSaGn0DEY297G2VRoKGJLszr-F5sniVkKTPcK6ECH3T3KkXKyPymLIBHLwf4ZoH1-6QLykZBqwZF9F3TB-o4mxwLXAjnxpFarYwzL_s2sDhdz1xkE1tJ4C0bxzbRJIoI4A3TKBF-7b8cHL3AEgaz7OWv-rJUR6ddMNOCJtISHuIzmHgQU8xeEUm3LPU5F_KgOWOb6UNDcBvHWGClI1_-AS0H2g0FnrPCTWla2ROGzYjHQE3jtND_xmk5KasT4zfejWhbsnKseE9TMqm6kNas_dXJfdJnXPNbAGWjYFswEoPCa7aDpRe16A-oVpVR3tbcr3_jDQYw5Pe5fGQIm2dtD8WYyD2M5iAgPg4i0Jhfu_a2YIet_yWEcmlVbvcrZ_OrFEHGmqRdVuVRYJXj&cid=CAQSTABpAlJWFYpEiWxITv5-TQQTgLgXeEc04A-2Esm9fKDm27gJEflIIaba4Eh_5skA2WIRxQDzwdj1MxO8Dii6ExVpQ9feMmJ_rfpB2GgYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.tuasaude.com%2F&ds=l&xdt=1&iif=1&cor=1958645159533580500&adk=497053795&idt=200&cac=0&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

405fa58429b9cba6baa88a5369464cdb67973fb98e1e9b39f831f65d081ea021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 168D 43 B
479 B 65ms
64ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=HKpBaPZHo18uWja_T6a8UMij&ex=sovrn.com&gdpr=0&gdpr_consent=

Requested by

Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SRTSEEP3GSMV9HSWFAP3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 168D
Redirect Chain

https://um.simpli.fi/lj_match?r=1692280400485&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=2&3pid=96266468B6874716B7CCBE5D097794E5

43 B
862 B

39ms
38ms

Image
image/gif

23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=96266468B6874716B7CCBE5D097794E5
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:20 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 17 Aug 2023 13:53:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=96266468B6874716B7CCBE5D097794E5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 16 Aug 2023 13:53:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 168D
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SEtwQmFQWkhvMTh1V2phX1Q2YThVTWlq&gdpr=0

170 B
188 B

52ms
51ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SEtwQmFQWkhvMTh1V2phX1Q2YThVTWlq&gdpr=0

Requested by

Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 17 Aug 2023 13:53:20 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SEtwQmFQWkhvMTh1V2phX1Q2YThVTWlq&gdpr=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 168D
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=185&cm=HKpBaPZHo18uWja_T6a8UMij&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7

43 B
1 KB

45ms
44ms

Image
image/gif

23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 17 Aug 2023 13:53:21 GMT
server: Aorta/20230816.bd034b287
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
location: https://ce.lijit.com/merge?pid=84&3pid=c:dd9559e307de97e659e30f3d1031aef7
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 37ea227bd25c
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 168D
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=80&3pid=LLF824NX-1N-HAVQ&gdpr=0

43 B
1 KB

59ms
59ms

Image
image/gif

23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LLF824NX-1N-HAVQ&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:24 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LLF824NX-1N-HAVQ&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 168D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1692280403999
https://ad.turn.com/r/cs?pid=45&rndcb=7267836971
https://sync.1rx.io/usersync/turn/7324548135155167890?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005
https://ce.lijit.com/merge?pid=97&3pid=RX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005

43 B
1 KB

42ms
42ms

Image
image/gif

23.92.190.68
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=97&3pid=RX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Server: 23.92.190.68 Houston, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:24 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ewr1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date: Thu, 17 Aug 2023 13:53:24 GMT
Server: Tengine
ETag: RX9f7f0c57c87f4f4ea09a1031121734d7005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://ce.lijit.com/merge?pid=97&3pid=RX-9f7f0c57-c87f-4f4e-a09a-1031121734d7-005
Content-Type: text/html
Connection: keep-alive

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2659
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLF82205-24-KOWW
https://s.amazon-adsystem.com/ecm3?id=LLF82205-24-KOWW&ex=d-rubiconproject.com&status=ok

43 B
479 B

66ms
65ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LLF82205-24-KOWW&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JMTXVM1TKTDEYCJY3291
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LLF82205-24-KOWW&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C280 111 KB
39 KB 3385ms
54ms Script
text/javascript 172.217.13.102

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
Origin: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 00:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 00:57:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame C280 11 KB
4 KB 25ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoJSdwvsJnTKYV4x906yKdl2JLbOh6fwbt4RdfHAvtWKFgwrEazuZfJvNqHFn-Z5ecg01HTO1ICfv_PRGzZDlAi044CA&cry=1&dbm_d=AKAmf-DU1ITdE4Cy1xD_jsM-ckNkYSxNqYJiyO4btvDnVwXSadJTY116XN5U8w94hM3suiIP-tFsfEVZ4UhCwLnfaCEFUugeQblo8P9GTJpuVulEynKjS1IPa_MfGvzjsULAVrxBQQ401mFP09RXElj4WqOBAkqU-3G7a9Fch8IPITBOT76nPdUEbAQBn-G4gEqHHznN52meJVM71Qi1l1dmcCWcaFTK-qt6H5RPAOz0onxqXpKb1cJM7MDBWd1e_09cyw7-5pXkTxAvJRU-JtK1PGgA1R_0Y15pDe_4dFUEs4fuFYo7cxHpmUcklL8_YL2hxG6Co5azC9xjpBPLc5BysXcljiW_Py4ZVbGRq5PJ7xh8Hj0zGSVQBUGUMyAADnRc27YlaOlc93_Kc6VEpE2nYs5xpKe4mUAAcDbpJ0uEIJ-msdQ7Afu0N_GSyEEeZ_z3u0s1gekYApyt6U1a2pZhreP6xBx1aaKTwi4VgufCpnTTISkUZbwhPaqbCK10g7BAudAnd_S_5HQvDAQHuDGpW24AHYuuzfU77AurdG4aVbiMHx7vG4WQe5287VtSc9u5kliz0OjAABLtvz7yFif7h-boqxH1kz4rRybsLDb18JK03DPt6Fart59CLmRnC1gnA6iZVvVzZZZzor8qGqPLD8DROLPktemdzP9bHA4pDHQKTpNez7dTujU6nW4obwmER3RED8B3mvazhBSAdTntliAxCRLlNed5273IqHDYGW_bpcV9J0v0nd6fw6pYtkNxeb_3VeP2NqgRtVGdSPrbAGkXqKe90D5_msTwJ4nfoVnMz5eqQGPJf2b1Mi9TW4up-aQi1mNd2GpGNwtrrHq4ApW9wdZpJiTDy6yXiOeCIJzHyq70dLDAFzRvfDQudc1LRAr7JDWrTwHYN7OLJatVgOnmPswD7AlGLAFlyNGg42FPug8kJcQKwulAaAFw4J2rtYQpw7WuKsJ1pBfHBkHY01WUaKVR54dASylxQBsa8sKTST09a8M1eLr92oWUR8pShBm64vFmK8mZ9sHpBqQnVZNbmqVpSumYlVkGNYTWZjUbZIJ3j8TiG8pqrzvP9XEwcln--TuRtmNWhLwCtIRIQnI67GVLt_8mt4s4KaPuWiiXFNuYbF1ZUwhhvh1u-Xjqd7RUapYA4fqkSljYBh2vENYDU-GVwn-kXBKAag7tedsR4bt9TzSOuvZvu-rhXGnfU3b-PUFIW9D_b6h2zQYC1SXBdkM_yhkZTLM8Dw5CcNBTPaieUG7UQlBvIgqr1qN6aTJzlUGMVqEQ2PAowsXNfpJrNEB80F4RmzHp797wHIDONYFnazte-IeTUilo9LmDULo9mV4I0Kg0wmkQ8PqVlYdJilpCLQqzi-UD7Aoi2crdjII-XQKV3U_jI-hsW4JZg_FTpBZIJcK_iaBsUcCgry-TcXKs7sWa2o27MRk1J6LUODdWGB23ri5JTvmgdq7fsqEMc673Pa_HP0LFB4JPfvsm4Q3JhRNm6qj-TyrvAPAM5j9Rt4Pppp-m-zdk7FDsuAfSHQxvaOicw8WCzWDvSN6T2E-QbpKtqDDWaZg3sq3bao-p2k-c14gZuZkDBYkwpBoe16I6ael3zElPEM6y9OGKOLQ-WLKN30bf2L3C5HCeDqJN4XK4DZF24k8z4ZvdHW5eYWOJIiQtbfTEzREs4Qz9nNoASHy8mt1Cr81CrQnPFPH3TkPvu-fsW4dlvGKXhJMYt-rhL8AEYV8SGTEh7osdLbFNtH4UYW9PYNJ8SFxi0zMor9CvmqW-5GtLcpVpC_C5pQEDj7AMOJK9faPDV8bcys0M2T4EQsGGX39DF18kZEuFPd-DmPpVE7xZc5NA_u-9jVUH5Y-4SW9iTdSG-hgY5OO3Cq0YqRWCDaU-jc39aa0i9NzUPzKs-7c5OwAm7igyCJerD-HtjIB14HJqrFfN5tXJm8Ie4_f6dGSaGp8LVOyCHkPLnDEVHoxnVeYMs2eD06WTTzXpIaoKytu4r2tvsdPemZZ34EPB8cKo3enODEemrSKMQhgDC3hNvbxGg30sEGYwT5H5powLQTvFLXde6vfkehV0Mk53oGNV1reTQE3Yi48RfqSGxVnRtWfn31sZtlfiRFcvf65O7suOXDXAerGQSwIEY6Kam5TnVttV1NFoC2Fz2TG6noNY7WC53rZsQ-IrJCZcrqvx__IbaB2A5zYrXw5OumG3HJcQTcGL0YkGko5PdpQFv0zbzUS35yV2usUdYEIhWpL39b04bfqi4LFJQY3c7VrJoAahiYiNXN0JOzrr4y1pe0lU3z2BF_OmMu8UhWti40mH6Lr0L1K-gubMqOUu_xuEdaNKPiYrNka9nULuSopjEFPy9B6dZuW3u3l-NKcpreDj1YLlma7f0CoP468cxURlOtEDI6eeCdOuCG2GaicvklSKFkT6PjdI14HTFF_uVNfptiR6vBsEUNNe2j6cHPJRSpOExlPbzgh5B8AuvFcvwWUv1j49uHCcVgmKPFIelGEBPcNQ9zuTr5aVfukyfiKO8HrshfqgpjxkUwnnJrEGEJGbHkbd15YVauJEyGnG2-VzCPxFOee_CQ_dsVc_kQmViiSLKN7l8xfvwnU1WbsYEeFBMoLmCOX9i1dVzzVYG1c4R0zUM_CF3Y2WbsGdcl5kCnHE4YhaIlvX0i8I_cw5_2oBj6SB7fcJVog9RcGno8wihuyE0SzjJ2wgOh_J3m-tgESR6ZhGTVaOme1hBBrVbgXP_KDiMr5ICuxHQio3Mog_qMf1mp7Spo_I1zf9oHKOF5JVNBexLmOwUCpWywgJu12-pf9bdAyZSpzxsYvAMab8e0fU-GhS3HaOByOpry3He1mwBC1jpVmtXU1ZEDvLZaTp_SqYi9sFKwnI8TFiOMQ4q45JyzTOxxOA2KAdXpdBBdvvrNLVOmMi4HCdmrv0VZfqWnm_6nmNUjjlKJhY_wiero_QndUAX3QaS5p2T1CeADZR53jqV6QkhQXt0sU_Y5i3RqN3nLkG_Wn-y5F6zRfRE0slLx8J_so1LYEFdCEMN1ROTvi53VXZlMfmea16Qvdgi8RsCn_VzfCv4K-DfeCGqI_S1jThk8yTG5Fih-h78OIwuOMxDqsgoyX_22D5614xrmexi04MIRDbhJnsx_eTlP7xXrTb7_D_y8pqOXbnyX30e6LU8LJsmeXDtgS1eI3G19cKet3B8eAfYzXhCooHDiceHKK7153ZmKSz18dzBeQLo3-c1z_UHl5osETyPg3BftIr75Z3laaLNO_0KxexHu922jYUpecI9z88eE2_GV8-kDYvmuD0syyTfX_2VChJjdbJijlIBhf3dllGTBdx9C44P6DUrNpy2tN1DrtqckdfheOZ_DiBi-odYavFpSaGn0DEY297G2VRoKGJLszr-F5sniVkKTPcK6ECH3T3KkXKyPymLIBHLwf4ZoH1-6QLykZBqwZF9F3TB-o4mxwLXAjnxpFarYwzL_s2sDhdz1xkE1tJ4C0bxzbRJIoI4A3TKBF-7b8cHL3AEgaz7OWv-rJUR6ddMNOCJtISHuIzmHgQU8xeEUm3LPU5F_KgOWOb6UNDcBvHWGClI1_-AS0H2g0FnrPCTWla2ROGzYjHQE3jtND_xmk5KasT4zfejWhbsnKseE9TMqm6kNas_dXJfdJnXPNbAGWjYFswEoPCa7aDpRe16A-oVpVR3tbcr3_jDQYw5Pe5fGQIm2dtD8WYyD2M5iAgPg4i0Jhfu_a2YIet_yWEcmlVbvcrZ_OrFEHGmqRdVuVRYJXj&cid=CAQSTABpAlJWFYpEiWxITv5-TQQTgLgXeEc04A-2Esm9fKDm27gJEflIIaba4Eh_5skA2WIRxQDzwdj1MxO8Dii6ExVpQ9feMmJ_rfpB2GgYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.tuasaude.com%2F&ds=l&xdt=1&iif=1&cor=1958645159533580500&adk=497053795&idt=200&cac=0&dtd=58

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:43:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame C280 30 KB
11 KB 25ms
24ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 23:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Aug 2023 23:44:19 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C280 41 KB
14 KB 25ms
24ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tuasaude.com
URL: https://www.tuasaude.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 15:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 15:22:12 GMT

GET
DATA 200
OK truncated
/ Frame C280 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 989a577cb3a9aab64a05ccffd01689b166ccfdeffe725e2502a7a5f86adfbd73

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 2659 43 B
855 B 797ms
189ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NXCRK6B7S3CJ96PWNP3K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2659
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzg0ZTA1MjE2Y2M0ZWUwNDZlOWY1NTY3ZDhhOGU5YzlkNDJiYzA0Ng

170 B
188 B

50ms
50ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzg0ZTA1MjE2Y2M0ZWUwNDZlOWY1NTY3ZDhhOGU5YzlkNDJiYzA0Ng

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Nzg0ZTA1MjE2Y2M0ZWUwNDZlOWY1NTY3ZDhhOGU5YzlkNDJiYzA0Ng
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2659
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/0BHsFsSBQLY3UwsKEF7wqsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l_k4.TFE2oKwLsBB99WNr4Jbtp7EJ2oTXHJwkQ--~A

42 B
679 B

290ms
36ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l_k4.TFE2oKwLsBB99WNr4Jbtp7EJ2oTXHJwkQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 17 Aug 2023 13:53:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-l_k4.TFE2oKwLsBB99WNr4Jbtp7EJ2oTXHJwkQ--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2659
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExGODIyMDUtMjQtS09XVw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMYzrv8qNCUAJ3h2TT2tHdg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGODIyMDUtMjQtS09XVw==&google_push=

170 B
188 B

50ms
49ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGODIyMDUtMjQtS09XVw==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGODIyMDUtMjQtS09XVw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2659
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fK1yqf-aRzm9Wm8FdcAOhA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fK1yqf-aRzm9Wm8FdcAOhA

43 B
479 B

41ms
40ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fK1yqf-aRzm9Wm8FdcAOhA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Aug 2023 13:53:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9RXE9PW91421DD0KQ80F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=fK1yqf-aRzm9Wm8FdcAOhA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2659
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBInIto61QRmflFLO-O-kv8&google_cver=1

42 B
679 B

368ms
38ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBInIto61QRmflFLO-O-kv8&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBInIto61QRmflFLO-O-kv8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 2659
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLF82205-24-KOWW

0
514 B

428ms
109ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLF82205-24-KOWW
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4880920172814486BB25DE3BDF02D504 Ref B: YTO01EDGE0507 Ref C: 2023-08-17T13:53:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDHrwtpFBMllr6gX/Xlw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLF82205-24-KOWW
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2659
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=&expires=30

42 B
679 B

297ms
44ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1 200
OK dcm Show response
s.amazon-adsystem.com/ Frame FD1A 43 B
855 B 47ms
46ms Document
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8ZNS35496GH1450Z6BD7

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame 1125 43 B
479 B 54ms
51ms Document
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB04C5CD1-92D5-4052-9676-9B83A32FD3AE

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 17 Aug 2023 13:53:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: N5NYG9HVKPFKZXY21SPW

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F907
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sExc0ZLVQFKWdpuDoy_Trg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

50ms
50ms

Image
text/html

23.41.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:20 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=82468
accept-ranges: bytes
content-length: 5606
expires: Fri, 18 Aug 2023 12:47:48 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET receive
pixel.tapad.com/idsync/ex/ Frame F907 0
0

GET
H/1.1 403
Forbidden FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame F907 0
0 1137ms
44ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20B04C5CD1-92D5-4052-9676-9B83A32FD3AE&rnd=RND
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame F907
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
355 B

44ms
43ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 17 Aug 2023 13:53:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 17 Aug 2023 13:53:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F907
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjA0QzVDRDEtOTJENS00MDUyLTk2NzYtOUI4M0EzMkZEM0FF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

1142ms
34ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 17 Aug 2023 13:53:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F907
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWELbAPiC_WEkoQlgl-49A&google_cver=1

42 B
346 B

1150ms
36ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWELbAPiC_WEkoQlgl-49A&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 17 Aug 2023 09:25:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWELbAPiC_WEkoQlgl-49A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F907
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:96266468B6874716B7CCBE5D097794E5

42 B
327 B

1185ms
38ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:96266468B6874716B7CCBE5D097794E5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 17 Aug 2023 09:25:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Thu, 17 Aug 2023 13:53:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:96266468B6874716B7CCBE5D097794E5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 16 Aug 2023 13:53:20 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F907
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=

42 B
358 B

3250ms
56ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 17 Aug 2023 13:53:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cf072dc5-4d6f-4686-b6c4-37c7eaf38923&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2 200 B04C5CD1-92D5-4052-9676-9B83A32FD3AE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F907 43 B
601 B 46ms
43ms Image
image/gif 44.210.181.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/B04C5CD1-92D5-4052-9676-9B83A32FD3AE?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.210.181.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-210-181-70.compute-1.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B68 22 KB
8 KB 36ms
34ms Document
text/html 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 129398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 01:56:42 GMT
expires: Thu, 15 Aug 2024 01:56:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B68 37 KB
14 KB 28ms
25ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:15:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:15:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B68 0
20 B 59ms
58ms Image
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpOCNUCbeZOOQIOXBoPwPy9yb6A0AAAAAOAHgBAI&bg=!kpGlkcXNAAZGPLJIZjw7ADkAdvg8Wn8b1X0vVZ2VmkEqdZnXWQgqGHcS5iwbfLXkjeOhIF4AvNtjJ3lxpy4iU8_vlMNqzPBdZ0YCAAAAlVIAAAANaAEHmQNSHpT16NADdfUR75EC_57jWaJ00IOkLiq0YBVKG0ok8GPomNj55Bh2MxrmdCDqNASaFzjNNYiwmq9FmoXZYvQqlzoyNXicrrvsMfJDc6G3cYL2qOjHM3Zy762wDHywrs5layBsFQGuctTeO1Tz1a2p-4bz57XuY5fkfcScHsaIKHRl3_lfRYiSRwctao2RuaWaVq8vd8kPPT_35_FhSfPwPgK0L7_zh8obLkCeEnHrUCEuYJO2gEGA2TdxCLOEmZ6ezJnNz56-8WYwigYOGMyRmIaHYX5WASUsTB5Od5bklPDcqbuWvB-3pl1RCZQkxOx0qLeweBI6TRQwgxX02HhLB_jI4P_qlv1zG1UqlEG0v1Z023CEUY-YygX0dtgZ5uaGCQxFwkrjPtQ92tCEmAAp8EdEErB3ioTJ20Htwrdg7PjCIzPdzR4MBZlTy2I6z-SIKNGsKSqWUUk7f_RTh4E_3JHsGpoA9JPClPtidCd5nFH6fv3ic_sVTIPsTJpejeyqKChOxxTnxNkCiAbpVdxDKx_CDaXGUREh_IoJkEFNm_e7o-SH5L1f2JsoX4gFEQsd-tKJkvVZPJDsK9blNiDC08QAf9AWIttPPVyZbu7csaMk6C-6jYz005OAYbZAQDVaf89O6ow8601prJ19iyRmexBsapHhF_SYUBBholdHGA9pzzhPX_XpHYuyLSx117o8jItZq4qDPFSFW7wsuNi8ayZLLZGQbZwQMEkd39sFKvAcnu-2nkKhM6_QdvSHLnef_eJhFM6XyYyXFnRvpyYtIkAvsagC94m-jl5VUm1q9_hI050fneuhvRngWZNDEiTQbE7LZXKFnqw_dt8mhadaUbiAxqU-7Kdj20iqPOTCXnFsxDJlKU3WE7kMnTZkw3mg-cbfdCs2h6kTaffuWFrazjNwKKaml8KQueC3jWhrCGWedPEKDYz7eyOxRBHVng66vrXnribmpOBBVr1Km5OzJgCLu6uxa1Wqe2ftE7THKhL_-DvG7sTECHBBwWXK7gS1NagPUB1XUZ1oORgNTaWbBoyOVbQ5JOeLiBki4T9CBiSTgPivgOP7xtWuAKcqNUMN6he3oxn4MsINwcIbZZWSDrvBKQIhzvgnmqLINJiSsh-xwQ

Requested by

Host: 5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com
URL: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C280 42 B
64 B 119ms
58ms Fetch
image/gif 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTlnfVBiHLVL8kSGJBppC45J814Js_Yy6L2rET0R9D5YIuUNcVdselJrbb2WNjWhmBcLIZ91vj1diR8y1FKnGRY3bfh_EzDPTgqTb17EouwSt5c52dEm8-tZEEByvJoJI_Fset4cQQPg&sai=AMfl-YSkJwjrWQPGFfnBSB0vIN8WbYNZ9fftB9khGbI3372XQkh5DAQEhhaoH95b5m262228wGU0JW1NxEvMvjYyLHHo-uFxsvxTuqVbolQfaB-amAgD1d95aD5TFugAFl_jbnqlt8IbhmbYo7haTw&sig=Cg0ArKJSzOlthzi8NCwxEAE&cid=CAQSTABpAlJWFYpEiWxITv5-TQQTgLgXeEc04A-2Esm9fKDm27gJEflIIaba4Eh_5skA2WIRxQDzwdj1MxO8Dii6ExVpQ9feMmJ_rfpB2GgYAQ&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=826003740&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692280400199&rpt=489&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F907 0
260 B 111ms
32ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 09:31:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F907 1 KB
2 KB 28ms
28ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8150329&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f9b3ef69038e1af045eed6845170a6e49ca725b61033971c90556a6fbb9e48f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 17 Aug 2023 13:53:22 GMT
content-length: 1414
content-type: text/html; charset=UTF-8

GET pm
match.prod.bidr.io/cookie-sync/ Frame 35A0 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A87B
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5341192838680318770&gdpr=0&gdpr_consent=

42 B
297 B

56ms
54ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5341192838680318770&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 17 Aug 2023 13:53:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: ff88b82f-9385-4d21-8213-dd55702547b4
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:53:23 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5341192838680318770&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 37.19.212.248; 37.19.212.248; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET bridge
cm.adgrx.com/ Frame 0A40 0
0

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame 4FB8 43 B
479 B 55ms
52ms Document
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB04C5CD1-92D5-4052-9676-9B83A32FD3AE

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 17 Aug 2023 13:53:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 22BK7K22BDKEKV4MD7DM

GET insync
thrtle.com/ Frame F907 0
0

GET
H3 200 sd
us-u.openx.net/w/1.0/ Frame F907 43 B
61 B 34ms
29ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540245193&val=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Martin
crb.kargo.com/api/v1/dsync/ Frame F907 43 B
358 B 170ms
36ms Image
image/gif 54.87.87.55

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Martin?exid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.87.55 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:24 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET sync
sync.bfmio.com/ Frame F907 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F907
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JxBLaVlE2uUWiA0VP15X0ahUoV19d2s-~A&gdpr=0

0
128 B

62ms
59ms

Image
text/plain

8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JxBLaVlE2uUWiA0VP15X0ahUoV19d2s-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JxBLaVlE2uUWiA0VP15X0ahUoV19d2s-~A&gdpr=0
date: Thu, 17 Aug 2023 13:53:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F907
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=

1 B
274 B

54ms
51ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 13:53:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7324548135155167890&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 17 Aug 2023 13:53:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame F907 0
0

GET
H3 200 think_workmatters_T4_728x90_ani.html Show response
s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/ Frame 7D3B 6 KB
2 KB 103ms
25ms Document
text/html 172.217.13.102

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.102 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6984c6b7b7dca4d9b212ed3b0d717df7d3dac4abc2f90ac3879f46d262b9f1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 80689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2317
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Aug 2023 15:28:35 GMT
expires: Thu, 15 Aug 2024 15:28:35 GMT
last-modified: Thu, 20 Aug 2020 17:06:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET view
googleads4.g.doubleclick.net/pcs/ Frame C280 0
0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7D3B 236 KB
63 KB 52ms
52ms Script
text/javascript 172.217.13.102

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.102 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 13:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 13:53:24 GMT

GET
H3 200 think_workmatters_T4_728x90_ani.js Show response
s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/ Frame 7D3B 20 KB
5 KB 28ms
28ms Script
application/x-javascript 172.217.13.102

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.102 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8bd0bc6b5539a20dace679d50729edd308576e56db4cf76629949ea01779f944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4834
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 17:06:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 22:29:52 GMT

GET
H3 200 think_workmatters_T4_728x90_ani_atlas_.png
s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/images/ Frame 7D3B 127 KB
127 KB 28ms
27ms Image
image/png 172.217.13.102

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/images/think_workmatters_T4_728x90_ani_atlas_.png

Requested by

Host: 5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com
URL: https://5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.102 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

28b4dfbd43189b401dfb4d21dae0dedaf35f365717d3bbedb21cd409801cb188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15852495800771388799/think_workmatters_T4_728x90_ani/think_workmatters_T4_728x90_ani.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 11:55:02 GMT
x-content-type-options: nosniff
age: 266302
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130434
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 17:06:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 11:55:02 GMT

GET view
googleads4.g.doubleclick.net/pcs/ Frame C280 0
0

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 46ms
46ms Ping
text/plain 172.217.13.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VJN3X16J7Y&gtm=45je3890h1&_p=1305701531&cid=1986060028.1692280399&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1692280398&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuasaude.com%2F&dt=Tua%20Sa%C3%BAde%20-%20Informa%C3%A7%C3%A3o%20de%20confian%C3%A7a%20sobre%20sa%C3%BAde%2C%20nutri%C3%A7%C3%A3o%20e%20bem%20estar&en=ad_impression&ep.query_id=COWTt-Dr44ADFZYoiAkdK6kJAw&_et=195
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJN3X16J7Y&l=tsDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.tuasaude.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 13:53:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuasaude.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B04C5CD1-92D5-4052-9676-9B83A32FD3AE

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: thrtle.com
URL: https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&gdpr=0&gdpr_consent=

Domain: sync.bfmio.com
URL: https://sync.bfmio.com/sync?pid=187&uid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B04C5CD1-92D5-4052-9676-9B83A32FD3AE&gdpr=0&gdpr_consent=

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmGxShcgjyNUqptxNrVwYVF8IspC8DtH00MoTkF-AQlVV--hgXcq463paLef8QUuc5IQjP5sCrM-_F3LLf6ApJz7p8YTQuvcRNaw8qrODjYuFlE7Jt4V9Dk5ByVKBLdzXGD1jWlvgWiC_NCfwGwrKJqreYl6TP9a4JrISpIc_ufOEmiPuKiO7WyRrgYxnE4ALfIn-SO-V2zbEuUb95jEYJ1zyukp53vQ7Bttq9o7-8GXy_zQKMrl4yiwOxTBnI0vKCC66R24UtrUOxgv-RZfY29S3xkyyJYWVvlcWnXyZEDHvd5lYspQyg8sBAiKGN6FoM-5mJ3GvHZXkXpNoRKh_EeKlA14jWi5Vd2hrwcCvu9xJ3wUwPLN2N3Ehcj4Q_8T0M6C8qzsPOtxv2fb1fcIk_lzBThpnp3-_64q5jldEk1SlXwAnq9VAgXP4EI6e8Ns9ldh2hWweBtJcvItDlyQLuAPItgD_OYCQClB-VfM4rgjTT7awHx--l5nOXa73NXZch5jQvu57YeJYvMAnXr4Zbl_QMrEtwWtwFgh2UNdfyhSbHC9sEg8f9xg66ZAgTUY-bMi4HGedSEx4EF-DtV2DOlJq7epgohClPhoTAHJ3gDQTT8RxVtAYWTfpGMBfVozUAiaDfcbkk2H0_N-3g_86lDJsNOfdWkNVHcF9wbiDu-tIQaqksVDbFgzJcnIyBhv37K0wNsG8T-aS514_-PqKnxFuiM43PHjK_T8BsVO0svVFJJLN56V-p-xDeTWA-ktxH5--UweZKNylu_F55Euq_Ti_JOSXJ5f8RnNYbfInK47LYyZoZjvseFQ9HCj9o5ayrjlJ9hIgfQRdRfjms2ynUeC1tWgLcu09dr_l_sfLnyNI5D5Y7faZgKmYNfu8ivAk3f_bz9vp1PjDRHmD8ZjHX2_1RN7HdOBASGev9NKNQTvlQCYLxK9_OroTr9sTJZVFVdnuOIwXB6dr-QIkIIzp6dP-E-d-oyEhOY4a_YogP8c4AkKQFrw1lntOHKkjXqjquP9VeIL5AlczLW7AMUOBuWhLeLInZkrpCtKlDCSNQpu_1Oruzp82DPK_ZE9al6pj9zYDjyq4Pzcia8Me3Och3Y5JMn0untMVobclp1bF6hRR5EF6gE1GKsxYgzHiikoftEuYdD7ivF6V9E4KrRkp9tQ3UnOjmARVWvTF2vQfJ-nxGD8Cdz5prBoW2DBaomyN8PkBs7fPiKkwWEbY1ulSr78Td--adaUireia-Gd6Xu9QQnkZ2c6lvTkA4GT1opduY3Qenhfc9hOsBQDLHrDvmO4_mkY0HWJfMrb7HrhmtGIdJBiB-XtODBRA98RcYzZneOwo23Vg3xXXuaPUfxw-OBFaHj_9tsfP6U_Fp6ZDe5eAhPhCnvw&sai=AMfl-YSoZqu_9zNwQMOkj_-V8HyocFzvDhiC7Gk_nXLCBeUbWNMN4vwG3TDZw4pF54K51OqqaZ3YCCPEiTYeYl3nxopo1DFnFYAm4uX_Tgwg07sAgNliwRMZG34iyPy3ZFT_gx8CaJQbenApPr2tmyFriUnkJtzW-wgudsxBLM4LZxoTMB10U-UknGuvd_Ff9m4AqGGONfBD0yMnUhBbMqkGWHRCFk7MLhVpSb-FSAHJq6D8cDysZx69oexEaKQZOJyRMpSwmB6MD0kp1e7fnBCRUTdkPfqNcFK2XdOpMciox9q20TH5P8rgCk6CX7-AwCI&sig=Cg0ArKJSzGUZgHkb1hQQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3413&cbvp=1&cstd=3409&cisv=r20230815.93802&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmGxShcgjyNUqptxNrVwYVF8IspC8DtH00MoTkF-AQlVV--hgXcq463paLef8QUuc5IQjP5sCrM-_F3LLf6ApJz7p8YTQuvcRNaw8qrODjYuFlE7Jt4V9Dk5ByVKBLdzXGD1jWlvgWiC_NCfwGwrKJqreYl6TP9a4JrISpIc_ufOEmiPuKiO7WyRrgYxnE4ALfIn-SO-V2zbEuUb95jEYJ1zyukp53vQ7Bttq9o7-8GXy_zQKMrl4yiwOxTBnI0vKCC66R24UtrUOxgv-RZfY29S3xkyyJYWVvlcWnXyZEDHvd5lYspQyg8sBAiKGN6FoM-5mJ3GvHZXkXpNoRKh_EeKlA14jWi5Vd2hrwcCvu9xJ3wUwPLN2N3Ehcj4Q_8T0M6C8qzsPOtxv2fb1fcIk_lzBThpnp3-_64q5jldEk1SlXwAnq9VAgXP4EI6e8Ns9ldh2hWweBtJcvItDlyQLuAPItgD_OYCQClB-VfM4rgjTT7awHx--l5nOXa73NXZch5jQvu57YeJYvMAnXr4Zbl_QMrEtwWtwFgh2UNdfyhSbHC9sEg8f9xg66ZAgTUY-bMi4HGedSEx4EF-DtV2DOlJq7epgohClPhoTAHJ3gDQTT8RxVtAYWTfpGMBfVozUAiaDfcbkk2H0_N-3g_86lDJsNOfdWkNVHcF9wbiDu-tIQaqksVDbFgzJcnIyBhv37K0wNsG8T-aS514_-PqKnxFuiM43PHjK_T8BsVO0svVFJJLN56V-p-xDeTWA-ktxH5--UweZKNylu_F55Euq_Ti_JOSXJ5f8RnNYbfInK47LYyZoZjvseFQ9HCj9o5ayrjlJ9hIgfQRdRfjms2ynUeC1tWgLcu09dr_l_sfLnyNI5D5Y7faZgKmYNfu8ivAk3f_bz9vp1PjDRHmD8ZjHX2_1RN7HdOBASGev9NKNQTvlQCYLxK9_OroTr9sTJZVFVdnuOIwXB6dr-QIkIIzp6dP-E-d-oyEhOY4a_YogP8c4AkKQFrw1lntOHKkjXqjquP9VeIL5AlczLW7AMUOBuWhLeLInZkrpCtKlDCSNQpu_1Oruzp82DPK_ZE9al6pj9zYDjyq4Pzcia8Me3Och3Y5JMn0untMVobclp1bF6hRR5EF6gE1GKsxYgzHiikoftEuYdD7ivF6V9E4KrRkp9tQ3UnOjmARVWvTF2vQfJ-nxGD8Cdz5prBoW2DBaomyN8PkBs7fPiKkwWEbY1ulSr78Td--adaUireia-Gd6Xu9QQnkZ2c6lvTkA4GT1opduY3Qenhfc9hOsBQDLHrDvmO4_mkY0HWJfMrb7HrhmtGIdJBiB-XtODBRA98RcYzZneOwo23Vg3xXXuaPUfxw-OBFaHj_9tsfP6U_Fp6ZDe5eAhPhCnvw&sai=AMfl-YSoZqu_9zNwQMOkj_-V8HyocFzvDhiC7Gk_nXLCBeUbWNMN4vwG3TDZw4pF54K51OqqaZ3YCCPEiTYeYl3nxopo1DFnFYAm4uX_Tgwg07sAgNliwRMZG34iyPy3ZFT_gx8CaJQbenApPr2tmyFriUnkJtzW-wgudsxBLM4LZxoTMB10U-UknGuvd_Ff9m4AqGGONfBD0yMnUhBbMqkGWHRCFk7MLhVpSb-FSAHJq6D8cDysZx69oexEaKQZOJyRMpSwmB6MD0kp1e7fnBCRUTdkPfqNcFK2XdOpMciox9q20TH5P8rgCk6CX7-AwCI&sig=Cg0ArKJSzGUZgHkb1hQQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3638&vt=11&dtpt=225&dett=3&cstd=3409&cisv=r20230815.93802&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tuasaude.com/	1970-01-20 14:06:06	Name: _gid Value: GA1.2.1979998053.1692280399
.tuasaude.com/	1970-01-20 16:14:16	Name: _fbp Value: fb.1.1692280398679.882874710
.tuasaude.com/	1970-01-20 16:14:16	Name: _gcl_au Value: 1.1.52212406.1692280399
.tuasaude.com/	1970-01-20 14:04:40	Name: _gat Value: 1
.tuasaude.com/	1970-01-20 14:04:40	Name: _gat_UA-130025901-22 Value: 1
.tuasaude.com/	1970-01-20 23:40:40	Name: _ga Value: GA1.1.1986060028.1692280399
.tuasaude.com/	1970-01-20 23:40:40	Name: _ga_KMLKQF5N2B Value: GS1.1.1692280398.1.0.1692280398.0.0.0
.tuasaude.com/	1970-01-20 14:04:40	Name: lotame_domain_check Value: tuasaude.com
.openx.net/	1970-01-20 22:50:16	Name: i Value: 246e8b7c-24e9-47d7-bdb9-ea7ef3dde5c7\|1692280399
.tuasaude.com/	1970-01-20 22:50:16	Name: _pin_unauth Value: dWlkPU1XUTVaRFV3WmpVdE9XRmhZUzAwWkRReUxXSXpaRFl0T1dKbFpUUmhPVGc1Tnpoaw
.crwdcntrl.net/	1970-01-20 20:33:25	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:33:25	Name: _cc_id Value: 4ea71c21a05dda5f556bc51935fecf0c
.tuasaude.com/	1970-01-20 20:33:28	Name: _cc_id Value: 4ea71c21a05dda5f556bc51935fecf0c
.tuasaude.com/	1970-01-20 14:06:06	Name: panoramaId_expiry Value: 1692366799210
.ct.pinterest.com/	1970-01-20 22:50:16	Name: _pinterest_ct_ua Value: "TWc9PSZOZlROREdxci9STU5xYWs1SVVTMm1UQVZHMGtUSTVQTW5oMHRueFg3OTZCWGtaWVl6TmxubFZhRzgyVlhDM1AxU0dTMVRFRDhsNTArRWhYV1FXWTR6bWVxRld6NGFiU0FDdlJVZjk1QkQwVT0mWERJRTQ0Zno4RHJpeGR6QndvMTdOamdSbjlNPQ=="
.amazon-adsystem.com/	1970-01-20 19:32:59	Name: ad-id Value: A2lcDWcOckeUgRkJzB6zQwA
.amazon-adsystem.com/	1970-01-20 23:40:40	Name: ad-privacy Value: 0
.yahoo.com/	1970-01-20 22:50:38	Name: A3 Value: d=AQABBE8m3mQCEIh4viUuYSIwQPRbWHl4zw8FEgEBAQF332ToZAAAAAAA_eMAAA&S=AQAAAjrHA2RPb2mk73-qi8OsUi4
.adsrvr.org/	1970-01-20 22:51:42	Name: TDID Value: cf072dc5-4d6f-4686-b6c4-37c7eaf38923
.doubleclick.net/	1970-01-20 23:40:40	Name: IDE Value: AHWqTUkCpQy3exghb4f9mY4k32rKocUIRVTHDajl6vkT1f18u1QH-W6Gw4BA-h22GoU
.openx.net/	1970-01-20 14:26:16	Name: univ_id Value: 537072971\|cf072dc5-4d6f-4686-b6c4-37c7eaf38923\|1692280399450762
.tuasaude.com/	1970-01-20 23:26:16	Name: __gads Value: ID=8b10c5ce309770e5:T=1692280399:RT=1692280399:S=ALNI_MbTkkMRaf18pcsJUbEx8JrYk_zIbg
.tuasaude.com/	1970-01-20 23:26:16	Name: __gpi Value: UID=00000d8bd74a1dfc:T=1692280399:RT=1692280399:S=ALNI_MY3EhUWUfnkLU-ClTPqTIAPtNhmeg
.tuasaude.com/	1970-01-20 23:40:40	Name: _ga_VJN3X16J7Y Value: GS1.1.1692280398.1.0.1692280399.59.0.0
.openx.net/	1970-01-20 14:26:16	Name: pd Value: v2\|1692280399.1\|vPvMgakWgy.iKbwhEgKg2
.casalemedia.com/	1970-01-20 22:50:16	Name: CMID Value: ZN4mUE1VLSPQLpRKbP4jNQAA
.casalemedia.com/	1970-01-20 16:14:16	Name: CMPS Value: 134
.casalemedia.com/	1970-01-20 16:14:16	Name: CMPRO Value: 134
.simpli.fi/	1970-01-20 22:51:42	Name: suid Value: 96266468B6874716B7CCBE5D097794E5
.smaato.net/	1970-01-20 14:34:54	Name: SCM Value: a89a0ecee3
.analytics.yahoo.com/	1970-01-20 22:50:16	Name: IDSYNC Value: 18y3~2ded
.smartadserver.com/	1970-01-20 23:34:54	Name: pid Value: 240977721975030030
.smaato.net/	1970-01-20 14:19:47	Name: SCMaps Value: a89a0ecee3
.zemanta.com/	1970-01-20 22:50:16	Name: zuid Value: 6sJmOAMVRLuwuj8PWqIi
.everesttech.net/	1970-01-20 22:50:16	Name: everest_g_v2 Value: g_surferid~ZN4mUAAAAyOoQAA4
.media.net/	1970-01-20 22:50:16	Name: visitor-id Value: 3352820005669622000V10
.adnxs.com/	1970-01-20 16:14:16	Name: uuid2 Value: 5341192838680318770
.turn.com/	1970-01-20 18:23:52	Name: uid Value: 7324548135155167890
.lijit.com/	1970-01-20 22:50:16	Name: ljt_reader Value: HKpBaPZHo18uWja_T6a8UMij
.rlcdn.com/	1970-01-20 15:31:04	Name: pxrc Value: CNDM+KYGEgUI6AcQABIFCOhHEAA=
.lijit.com/	1970-01-20 22:50:16	Name: ljtrtbexp Value: eJyrVrIwULIyNLM0NrE0AAIdJUtzVL4RKtfCBE3aGJlfCwCFpg%2F6
.adnxs.com/	1970-01-20 16:14:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTrp2]jo!]tbPl1M>e)ZlrFUfJ+tGXxo@EX4:Pt$q3<Z-86AoqqYjy8m`dVWU8J2UK3If)y3KL9D3I?+Iw#iX^
.rubiconproject.com/	1970-01-20 22:50:16	Name: khaos Value: LLF82205-24-KOWW
.doubleclick.net/	1970-01-20 18:23:52	Name: APC Value: AfxxVi4sjnZAvLebEKfq3cjbPRWpA8DIYesgXUTU7WZEVYH20twJ5g
.lijit.com/	1970-01-20 22:50:16	Name: _ljtrtb_2 Value: 96266468B6874716B7CCBE5D097794E5
.pubmatic.com/	1970-01-20 22:50:16	Name: KADUSERCOOKIE Value: B04C5CD1-92D5-4052-9676-9B83A32FD3AE
.pubmatic.com/	1970-01-20 16:14:16	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 14:06:06	Name: pi Value: 156011:2
.pubmatic.com/	1970-01-20 16:14:16	Name: DPSync3 Value: 1693440000%3A201_263%7C1692316800%3A248%7C1692835200%3A265
.pubmatic.com/	1970-01-20 16:14:16	Name: SyncRTB3 Value: 1693440000%3A220_21_13_54_250_71
.adsrvr.org/	1970-01-20 22:51:42	Name: TDCPM Value: CAESFQoGY2FzYWxlEgsI5q74k-vMjzwQBRIXCghwdWJtYXRpYxILCKrB5ZfrzI88EAUYASABKAIyCwiquejEgc2PPBAFOAFaCHB1Ym1hdGljYAI.
.3lift.com/	1970-01-20 16:14:16	Name: tluid Value: 3545403994868693343782
.creativecdn.com/	1970-01-20 22:50:16	Name: u Value: nCFcoabTzcUmYnBA9BFi
.creativecdn.com/	1970-01-20 22:50:16	Name: ts Value: 1692280401
.rubiconproject.com/	1970-01-20 22:50:16	Name: audit Value: 1\|l1zMKZjr+MP27TP7gDEiNk7BLWOB9rAYKlZKbn8zC8YCaXVZfvB2KV086IXwtdAI5WX8+EFYn1wiZ07GJqnMno4BjqNRGrmz
.linkedin.com/	1970-01-20 22:50:16	Name: bcookie Value: "v=2&aba316d2-718d-488c-8602-2f1ba5039290"
.linkedin.com/	1970-01-20 14:06:06	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2942:u=1:x=1:i=1692280401:t=1692366801:v=2:sig=AQEjD7YuiG4PNIGH72vG_a0pdDx2ekq3"
.acuityplatform.com/	1970-01-20 22:50:16	Name: auid Value: 815026752044
.acuityplatform.com/	1970-01-20 22:50:16	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRQB4WnGomGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUAeFpxqI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.bidswitch.net/	1970-01-20 22:50:16	Name: tuuid Value: a14903c2-feaa-429f-a0b3-951cd5b52eda
.bidswitch.net/	1970-01-20 22:50:16	Name: c Value: 1692280401
.bidswitch.net/	1970-01-20 22:50:16	Name: tuuid_lu Value: 1692280401
.tribalfusion.com/	1970-01-20 16:14:16	Name: ANON_ID Value: ainsmAt3er66AxvPBQpBnKOiLpjO3wqdOH6UAQ2ZcMVwrQ8DjsDS11Zc4iK5rNuM3beql9xb0uZbgZaP
.pippio.com/	1970-01-20 22:50:16	Name: did Value: m7t7qoxQ2-1nXV65
.pippio.com/	1970-01-20 22:50:16	Name: didts Value: 1692280401
.pippio.com/	1970-01-20 15:31:04	Name: nnls Value:
.lijit.com/	1970-01-20 22:50:16	Name: ljtrtb Value: eJyrVjJSslKyNDMyMzMxs3AyszA3MTc0czJ3dnZyNXUxsDQ3tzRxNVWqBQC03QkS
.lijit.com/	1970-01-20 22:50:16	Name: _ljtrtb_84 Value: c:dd9559e307de97e659e30f3d1031aef7
.pippio.com/	1970-01-20 15:31:04	Name: pxrc Value: CNHM+KYGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/	1970-01-20 16:14:16	Name: KRTBCOOKIE_80 Value: 22987-CAESEBWELbAPiC_WEkoQlgl-49A&KRTB&23025-CAESEBWELbAPiC_WEkoQlgl-49A&KRTB&23386-CAESEBWELbAPiC_WEkoQlgl-49A
.pubmatic.com/	1970-01-20 14:47:52	Name: KRTBCOOKIE_148 Value: 19421-uid:96266468B6874716B7CCBE5D097794E5&KRTB&23489-uid:96266468B6874716B7CCBE5D097794E5
.pubmatic.com/	1970-01-20 14:47:52	Name: PugT Value: 1692264310
.linksynergy.com/	1970-01-20 22:50:16	Name: rmuid Value: b43145ed-51da-4ba3-a2c4-e5dbd287b8da
.linksynergy.com/	1970-01-20 22:50:16	Name: icts Value: 2023-08-17T13:53:22Z
.rlcdn.com/	1970-01-20 22:50:16	Name: rlas3 Value: yJOSFBT263JdW0s4hfySZt+8HmX9CO60Z6L3gDfwUUg=
.creative-serving.com/	1970-01-20 23:26:16	Name: tuuid Value: 640805bc-f8ab-43b6-b670-b1317108d2ec
.creative-serving.com/	1970-01-20 23:26:16	Name: c Value: 1692280402
.creative-serving.com/	1970-01-20 23:26:16	Name: tuuid_lu Value: 1692280402
.pubmatic.com/	1970-01-20 14:47:52	Name: SPugT Value: 1692264678

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20B04C5CD1-92D5-4052-9676-9B83A32FD3AE&rnd=RND Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5eefb10ce4e186030db431a69b85bfdb.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
crb.kargo.com
creativecdn.com
cs.media.net
ct.pinterest.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
s.ad.smaato.net
s.amazon-adsystem.com
s.pinimg.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
static.tuasaude.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.outbrain.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tuasaude.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tuasaude.com
x.bidswitch.net
cm.adgrx.com
googleads4.g.doubleclick.net
match.prod.bidr.io
pixel.tapad.com
pubmatic-match.dotomi.com
sync.bfmio.com
thrtle.com
104.18.24.173
104.36.115.113
107.178.254.65
108.156.180.227
13.107.42.14
142.250.176.200
142.251.111.154
142.251.40.100
142.251.40.98
144.217.72.55
146.75.28.84
15.197.193.217
151.101.0.84
151.101.1.229
151.101.130.49
172.217.13.102
172.217.13.130
172.217.13.142
172.217.13.162
172.217.13.163
172.217.13.174
172.217.13.193
172.217.13.97
172.217.13.98
18.205.99.4
185.184.8.90
185.93.1.246
192.40.39.223
199.127.204.142
199.127.204.171
23.105.12.170
23.34.248.177
23.41.168.202
23.41.170.143
23.92.190.68
3.160.22.127
3.160.3.135
3.160.4.198
3.160.5.125
3.160.5.91
3.225.218.10
31.13.71.36
31.13.71.7
34.102.146.192
34.120.107.143
34.150.170.96
34.98.67.3
35.190.60.146
35.211.178.172
35.244.159.8
40.76.134.238
44.210.181.70
50.116.194.21
52.223.22.214
52.45.94.184
52.46.130.91
52.7.24.177
54.85.119.254
54.87.87.55
63.251.114.136
64.202.112.159
67.220.228.202
68.67.160.186
69.173.151.100
69.90.254.78
70.42.32.31
8.28.7.83
8.28.7.84
8.43.72.97
00e055020368816daf8c19674e3d5e109ea891718d2b2f833777ee3fdc90a338
01533d8ed25f4fb672920f1ceb9c8d52f268e84ca0d83793599540078c4e1cfc
029548e6933ae9083b9be422ed6f21b9c6f492d7f1649df1b04a6fbd64f9e425
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b1944cfd7c142b270f79cda1982004c30b22644c44d3829b6d93f20170a363
07b896a6d0efd4c2b706477a0f2c2ada2dff59d654a3cd4bf2ed84333a90d7c7
086917efafa4a37efc3a0dfc6b56381792342e58041eb38f31f092316ee33385
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea5d5b963a524c63f0060d4481921b45a93f73fd826f58d4cbefb3740f3a02f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14c12c05c03cb1dfed9de4ee40310b53d7619550e0c72f0d8cec64332d026e20
1529d917385280ebaaaf0aef7aa493cefbec92595b82d26d14284000a4b72275
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
172ab34e35e09c3a71e078a7fc6cfa491f3ca0a54e112cf2adcf2f60aa4b33e1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1f9b3ef69038e1af045eed6845170a6e49ca725b61033971c90556a6fbb9e48f
25788721fd0396ed6c4037d6031619f4516d0b7014f4a1d8ff87e72e831dba45
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
28b4dfbd43189b401dfb4d21dae0dedaf35f365717d3bbedb21cd409801cb188
29e5f3a869e27ac814e94139625b9888dcc2159f51498939c8fc30246bff4852
2ac9b70a877b36a972be63e6ef4232da073fc2a9487b37453c704fe10129ab9a
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32b5acd970997b2e889381b4876e35a181d23195f6f74255d1cb4f0ee9daab3e
36eca59a20fd826ca7e79c3a4c51de839b9e5b774b6f6662d6e2c53fb3b5b18f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bf71c8c06c39c0608605e2f0d6a8a186aa5e0ea305414a6fb748700f34351c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405fa58429b9cba6baa88a5369464cdb67973fb98e1e9b39f831f65d081ea021
4390638e76d0b4b63b9c290db13a9ad38a82736135af43e86ee154491ccd2cd4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
493c7bc338f642d266da8a7689872450f4d312f8230855530f6eeb8b4c6a02b2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
58fb35fca80008dfe77445b0d7c287c4b6ee424077461763cc2ad94b9ff4e485
590ec920f36aa1901c72013f82a86891dcf6584db069e3900104456f0f9ae1d7
5dc16533b6e87e12fa4d6e38f3ebb109b00e449bd1f1a7411167ffce0dd98d64
604ab12d591fd7812876734842524006798a40a6b94d89f1a98ae36d37686ba0
6130b0b996b9206b3a3a3882177a56f3b11aa70074feb1a6a9367539bccbfee6
6243857a6ed9257f1dcc61d8e23653c363641d409bbe38af947f65d2271ad2f2
6672c66da37c824863f5c87967540777ffc1043f7c9f4aa49c4605cb0e98fa87
6984c6b7b7dca4d9b212ed3b0d717df7d3dac4abc2f90ac3879f46d262b9f1a1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ee04346ea6d6b67889969ec6ad3e62c3f0a3c6139417e3bd6fa40b15e63d46b
72eca2dc8243007f7ecc2329b5a32a9a6c3dd1d18dbfa78069776f84d86bd810
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7985d75dbaeedfa0494d934b3d3754602e5b2c345d2a68c0dc680cc974a61029
7a58e590065ea5f6bd8564abeb6ac06788a0fb4031dc7704ef0f4f5d0144d502
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
8652fb2d50ca189c20224485b2d692a7b0cf9e7e221b631d49768ea289463527
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8a9d5fdc31b1ab3bb105f8a1f8f05af0c104791629a515dddec88f25c5958aa2
8bd0bc6b5539a20dace679d50729edd308576e56db4cf76629949ea01779f944
8f9fcc643518fba97c44570485f196b7d717e87af76b6fb877ca071a9a923de8
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
974513082ca4f0198e25c1d702639d0446bb77fe96146e6c55833fd44692943f
989a577cb3a9aab64a05ccffd01689b166ccfdeffe725e2502a7a5f86adfbd73
9a641f806d420468edaccc03b974dab6b8430221078ebec02713a8098e5d68f9
9e271e920684f0a8dea5ccc561a4f832f0f78b554765fa224ef4318d286575db
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0452fafa1ef8d98b6ace3f7ed00e9c8a6fe77ecdf643159eac9c25a5b27e0bf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b7614f8a49de9a8cf09a891ca3c24266de440df99ba0cd556ad3bacd544ef2
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a722186333971d2ca80d257322e8ca361b5252286a9ec3ea87184875b3eb66c9
a964eca25789405472229a88e2835093ecb46e64e644eb5c43da6db0f748b464
ab19e1e82c5b7e2f4422425a85a1c371a3fd2eea9a63abc927c305fe8437f401
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb77f4c1a3d09ea04de1ed0df738933c9a34c74cc59f8a93b0cf1819ba1101b
b08f1a92f3dd85b04971507ee42f1288c969e56eaead2ae44c7b27781a864676
b12dfd63bf77812e593aca71a50ace9447340eddc9b52c6bbfa6e916fea7af9d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b49aeb1650b43f303f37eb030febf655a0a9579ae229efe674aa5cccfbce480e
b4a482b47a1fec24e541c78a0563a1f4dc9a8b6f51a99cbf5fa1d342a3347b54
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb465714514141b016e740899b28d7e3388c0ee64cee29a62bae8f108ad99883
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc71c25d3510fdda2060d656ec8f5704d23f33fe9b89f280ad089c366ac18c64
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3fd9237057d281b0901ea337ed40f521a05e7252a98ad7a3d2163b51a652653
c8ffd0483cb87037b735d0a28e75da79edcb55040c39936d5e62ef206e8da38e
cbdb100b2b63bc5934671a532e1483b44eb101ad62ac929b9a8f8e4171dbc3e8
cee317e418c92c6cdbf79881a463e10015f3e894989f73bac8666f54b9ab34c0
cfeb11f2c5cdcbc93110dbc3f5856d1046c2e5291fd5f9944882fb06e33f484d
d44127375b242684dd61770404907e887f03710bf5d4b9c48275c3f09ca2cbc7
d4a3775261cecd3ce2a1710b67345a03c617b29439922218f3e2f6b04257ee99
de063d1345f75bbeb28f7748652717e544899bf8e518de37cb55ed215b99f655
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df17aec2792d6f1fd1772dbfc95577c98f2bcac431441afad7720b6fe6a44ae4
df4f0103675c7dde283c9e092a04991b2f332a17f49544c5012af3c8a49d5444
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9a00a25b65067adc3188475b310d848aa3b84f67d0b309007d7249622e40070
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef580230ce46fc99487cf3666eda8dfd4f181fe8b3e456670ec61985c6c258ce
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6
fd386afa44d059e6ca715a93b137ed3f3129d0256ee732ce7f7379646daebd87

www.tuasaude.com Open in urlscan Pro 144.217.72.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

72 %HTTPS

0 %IPv6

57 Domains

87 Subdomains

48 IPs

5 Countries

2284 kBTransfer

4940 kBSize

79 Cookies

9 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tuasaude.com Open in urlscan Pro
144.217.72.55 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

72 %
HTTPS

0 %
IPv6

57
Domains

87
Subdomains

48
IPs

5
Countries

2284 kB
Transfer

4940 kB
Size

79
Cookies

187 HTTP transactions
1 data transactions