urlscan.io logo urlscan.io
SecurityTrails logo

portaldogremista.com.br Open in urlscan Pro
45.224.128.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portaldogremista.com.br/
Effective URL: https://portaldogremista.com.br/
Submission: On July 21 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 13 countries across 112 domains to perform 414 HTTP transactions. The main IP is 45.224.128.162, located in Xaxim, Brazil and belongs to Ferenz Networks, BR. The main domain is portaldogremista.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 7th 2022. Valid for: 3 months.
This is the only time portaldogremista.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40 45.224.128.162 266400 (Ferenz Ne...)
1 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
3 184.29.128.58 16625 (AKAMAI-AS)
3 52.95.150.50 16509 (AMAZON-02)
1 199.115.115.26 30633 (LEASEWEB-...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
23 2607:f8b0:400... 15169 (GOOGLE)
1 202.61.204.169 197540 (NETCUP-AS...)
7 2607:f8b0:400... 15169 (GOOGLE)
1 4 151.101.129.44 54113 (FASTLY)
10 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.1.44 54113 (FASTLY)
1 5 13.225.223.105 16509 (AMAZON-02)
19 2607:f8b0:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
25 192.96.201.97 30633 (LEASEWEB-...)
4 142.251.40.130 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 5 63.251.114.137 29791 (VOXEL-DOT...)
3 6 68.67.181.211 29990 (ASN-APPNEX)
1 145.40.88.5 54825 (PACKET)
1 74.119.119.129 19750 (AS-CRITEO)
1 199.187.193.164 47043 (SMARTADSE...)
1 2602:803:c002... 26667 (RUBICONPR...)
3 6 104.18.19.126 13335 (CLOUDFLAR...)
2 7 96.46.183.20 7979 (SERVERS-COM)
3 12 35.244.159.8 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 38.91.101.241 63023 (AS-GLOBAL...)
13 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
40 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 4 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.65.162 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
10 21 142.250.81.226 15169 (GOOGLE)
3 3 151.101.66.49 54113 (FASTLY)
5 5 75.126.248.142 36351 (SOFTLAYER)
2 2 162.19.80.91 16276 (OVH)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 35.71.139.29 16509 (AMAZON-02)
3 4 52.45.33.138 14618 (AMAZON-AES)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
1 2a00:1450:400... 15169 (GOOGLE)
1 5.226.179.10 209242 (CLOUDFLAR...)
1 23.37.232.244 16625 (AKAMAI-AS)
4 23.199.201.230 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
4 7 35.190.60.146 15169 (GOOGLE)
1 4 199.187.193.204 47043 (SMARTADSE...)
1 54.36.150.182 16276 (OVH)
13 14 35.211.178.172 15169 (GOOGLE)
1 1 52.202.34.66 14618 (AMAZON-AES)
2 2 178.250.0.163 44788 (ASN-CRITE...)
2 2 74.119.119.150 19750 (AS-CRITEO)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 4 23.3.125.39 16625 (AKAMAI-AS)
20 72.251.238.254 29791 (VOXEL-DOT...)
4 4 74.121.140.14 30419 (MEDIAMATH...)
1 1 198.24.171.51 19437 (SS-ASH)
2 2 213.19.162.80 3356 (LEVEL3)
5 5 207.198.113.87 13768 (COGECO-PEER1)
3 3 50.16.197.56 14618 (AMAZON-AES)
2 3 107.178.246.49 15169 (GOOGLE)
1 1 199.38.167.130 54312 (ROCKETFUEL)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 35.207.24.140 15169 (GOOGLE)
2 5 8.43.72.97 26667 (RUBICONPR...)
1 1 18.211.160.120 14618 (AMAZON-AES)
6 6 3.217.8.50 14618 (AMAZON-AES)
3 6 52.46.128.147 16509 (AMAZON-02)
2 2 2620:116:800b... 14618 (AMAZON-AES)
2 2 68.67.160.76 29990 (ASN-APPNEX)
6 6 3.33.220.150 16509 (AMAZON-02)
7 7 199.127.204.142 26120 (RHYTHMONE)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
3 23.37.232.202 16625 (AKAMAI-AS)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 3 2600:1f13:d60... 16509 (AMAZON-02)
1 1 5.200.44.122 48096 (ITGRAD)
1 188.42.29.196 39134 (UNITEDNET)
2 2 193.232.150.150 48061 (UMA-TECH-AS)
1 88.99.28.61 24940 (HETZNER-AS)
1 151.236.127.145 204720 (CDNETWORKS)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 104.36.115.113 62713 (AS-PUBMATIC)
3 4 185.167.164.43 198622 (ADFORM)
2 31 104.36.115.109 62713 (AS-PUBMATIC)
2 2 129.158.42.199 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 173.231.178.77 29791 (VOXEL-DOT...)
1 1 18.214.248.28 14618 (AMAZON-AES)
4 4 35.211.233.246 15169 (GOOGLE)
1 2 3.215.99.170 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 52.45.55.227 14618 (AMAZON-AES)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
3 8.28.7.84 62713 (AS-PUBMATIC)
1 54.146.231.30 14618 (AMAZON-AES)
1 1 54.80.1.197 14618 (AMAZON-AES)
2 2 2606:ae80:145... 26762 (CNVR-US-EAST)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
4 5 69.173.151.100 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2001:4998:1c:... 14779 (YAHOO)
1 54.239.38.253 16509 (AMAZON-02)
3 3 31.172.81.158 44066 (DE-FIRSTC...)
2 2 89.108.120.76 197695 (AS-REG)
1 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 9 104.18.39.170 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.17.133.181 13335 (CLOUDFLAR...)
1 1 23.3.125.24 ()
1 2 2001:6d0:4001... ()
1 45.135.121.72 ()
1 1 139.162.117.143 ()
1 5.161.47.120 ()
1 195.5.165.20 ()
1 1 2606:4700::68... ()
1 1 104.45.178.220 ()
3 3 74.222.140.158 ()
4 4 141.94.171.215 ()
2 2 107.20.181.84 ()
1 23.197.37.29 ()
2 2 35.201.96.126 ()
1 8.28.7.109 ()
1 2 50.57.31.206 ()
1 143.204.146.39 ()
1 1 34.102.253.54 ()
1 1 159.65.196.12 ()
1 34.205.59.145 ()
1 51.222.39.184 ()
1 82.145.213.8 ()
414 94
40    45.224.128.162 (Xaxim, Brazil)

ASN266400 (Ferenz Networks, BR)
PTR: br5.kangaroo.srv.br
portaldogremista.com.br
1    2607:f8b0:4006:80c::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2607:f8b0:4006:809::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    184.29.128.58 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-58.deploy.static.akamaitechnologies.com
barra.r7.com
cms-media-api.r7.com
3    52.95.150.50 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com
campaigns-ad.s3.eu-west-2.amazonaws.com
1    199.115.115.26 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
s.clickiocdn.com
4    2606:4700:3035::6815:3249 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
cookies.pn.vg
23    2607:f8b0:4006:81d::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    202.61.204.169 (Austria)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: mail.crypto-webminer.com
trustiseverything.de
7    2607:f8b0:4006:816::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
match.taboola.com
10    2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
5    13.225.223.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-105.jfk51.r.cloudfront.net
sb.scorecardresearch.com
19    2607:f8b0:4006:80a::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
3    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
8    2607:f8b0:4006:821::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
25    192.96.201.97 (West Mifflin, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
clickiocdn.com
4    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    2607:f8b0:4006:806::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    63.251.114.137 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    68.67.181.211 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    199.187.193.164 (Canada)

ASN47043 (SMARTADSERVER, CA)
prg.smartadserver.com
1    2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
7    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
alz-d.openx.net
us-u.openx.net
eu-u.openx.net
2    2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
1    38.91.101.241 (New York, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: us-ny-1.pro.ip-api.com
pro.ip-api.com
13    2607:f8b0:4006:824::200e (New York, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2606:4700:3035::ac43:9ecd (United States)

ASN13335 (CLOUDFLARENET, US)
api.pn.vg
40    2607:f8b0:4006:823::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
7    2607:f8b0:4006:817::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    2607:f8b0:4006:809::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2607:f8b0:4006:80d::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
21    142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
cm.g.doubleclick.net
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
2    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
c.eu1.dyntrk.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2a00:1450:400e:811::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    5.226.179.10 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
members.bet365.com
1    23.37.232.244 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-232-244.deploy.static.akamaitechnologies.com
js-sec.indexww.com
4    23.199.201.230 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-201-230.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    199.187.193.204 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    54.36.150.182 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip182.ip-54-36-150.eu
cookie-matching.mediarithmics.com
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    52.202.34.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-34-66.compute-1.amazonaws.com
rtb.adstanding.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    2606:4700::6811:5459 (United States)

ASN13335 (CLOUDFLARENET, US)
br.betano.com
4    23.3.125.39 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-39.deploy.static.akamaitechnologies.com
px.owneriq.net
20    72.251.238.254 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
4    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    198.24.171.51 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
2    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
5    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
loada.exelator.com
3    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
1    18.211.160.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-160-120.compute-1.amazonaws.com
aorta.clickagy.com
6    3.217.8.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-8-50.compute-1.amazonaws.com
match.prod.bidr.io
6    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
2    68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
data.adsrvr.org
match.adsrvr.org
7    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    23.37.232.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-232-202.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    2600:1f13:d60:4f07:3863:3294:52fe:c4b3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    5.200.44.122 (Moscow, Russian Federation)

ASN48096 (ITGRAD, RU)
ads.adlook.me
1    188.42.29.196 (Luxembourg)

ASN39134 (UNITEDNET, RU)
lbs-ru1.ads.betweendigital.com
2    193.232.150.150 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.senders.ntvplus.ru
px.adhigh.net
1    88.99.28.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.28.99.88.clients.your-server.de
sync.dmp.otm-r.com
1    151.236.127.145 (Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
31    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    129.158.42.199 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    173.231.178.77 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    18.214.248.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-248-28.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
2    3.215.99.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-99-170.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    52.45.55.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-55-227.compute-1.amazonaws.com
pm.w55c.net
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    54.146.231.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-231-30.compute-1.amazonaws.com
rtb.adentifi.com
1    54.80.1.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-1-197.compute-1.amazonaws.com
sync.ipredictive.com
2    2606:ae80:1451:14::1080 (United States)

ASN26762 (CNVR-US-EAST, US)
pubmatic-match.dotomi.com
2    204.2.255.233 (Fort Lauderdale, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
5    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2001:4998:1c:800::1000 (United States)

ASN14779 (YAHOO, US)
ads.yahoo.com
1    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
9    104.18.39.170 (None, )

ASN13335 (CLOUDFLARENET, US)
www.pinnacle.com
2    2606:4700:3035::ac43:9c18 (United States)

ASN13335 (CLOUDFLARENET, US)
admaxium.com
pixel.admaxium.com
1    104.17.133.181 (None, )

ASN13335 (CLOUDFLARENET, US)
www.br.betboo.com
1    23.3.125.24 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    2001:6d0:4001::226 (None, )

ASN- ()
www.tns-counter.ru
1    45.135.121.72 (None, )

ASN- ()
br.1xbet.com
1    139.162.117.143 (None, )

ASN- ()
gocm.c.appier.net
1    5.161.47.120 (None, )

ASN- ()
matching.truffle.bid
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    2606:4700::6813:ad6c (None, )

ASN- ()
csync.loopme.me
1    104.45.178.220 (None, )

ASN- ()
mweb.ck.inmobi.com
3    74.222.140.158 (None, )

ASN- ()
match.bnmla.com
4    141.94.171.215 (None, )

ASN- ()
pixel.onaudience.com
2    107.20.181.84 (None, )

ASN- ()
sync.crwdcntrl.net
1    23.197.37.29 (None, )

ASN- ()
tags.bluekai.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    8.28.7.109 (None, )

ASN- ()
aud.pubmatic.com
2    50.57.31.206 (None, )

ASN- ()
uipglob.semasio.net
1    143.204.146.39 (None, )

ASN- ()
aa.agkn.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.205.59.145 (None, )

ASN- ()
rtb.gumgum.com
1    51.222.39.184 (None, )

ASN- ()
onetag-sys.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
63 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
822 KB
43 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
381 KB
40 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 485
image6.pubmatic.com — Cisco Umbrella Rank: 634
simage2.pubmatic.com — Cisco Umbrella Rank: 604
image2.pubmatic.com — Cisco Umbrella Rank: 875
image4.pubmatic.com — Cisco Umbrella Rank: 891
simage4.pubmatic.com — Cisco Umbrella Rank: 1208
aud.pubmatic.com
44 KB
40 portaldogremista.com.br
portaldogremista.com.br
616 KB
26 clickiocdn.com
s.clickiocdn.com — Cisco Umbrella Rank: 40639
clickiocdn.com — Cisco Umbrella Rank: 32119
185 KB
25 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 699
ce.lijit.com — Cisco Umbrella Rank: 973
56 KB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 96
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2112
www.google.com — Cisco Umbrella Rank: 10
112 KB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 516
eus.rubiconproject.com — Cisco Umbrella Rank: 598
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2305
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 943
token.rubiconproject.com — Cisco Umbrella Rank: 703
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
secure-assets.rubiconproject.com
29 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
302 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
7 KB
12 openx.net
alz-d.openx.net — Cisco Umbrella Rank: 97257
us-u.openx.net — Cisco Umbrella Rank: 391
eu-u.openx.net — Cisco Umbrella Rank: 2116
2 KB
9 pinnacle.com
www.pinnacle.com — Cisco Umbrella Rank: 275780
92 KB
9 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2101
lbs-ru1.ads.betweendigital.com — Cisco Umbrella Rank: 27779
cache.betweendigital.com — Cisco Umbrella Rank: 18674
7 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
acdn.adnxs.com — Cisco Umbrella Rank: 566
secure.adnxs.com — Cisco Umbrella Rank: 430
25 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
7 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473
ads.yahoo.com — Cisco Umbrella Rank: 1462
4 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
dis.criteo.com — Cisco Umbrella Rank: 713
widget.us.criteo.com — Cisco Umbrella Rank: 18353
10 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
324 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294
5 KB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 622
idsync.rlcdn.com — Cisco Umbrella Rank: 324
1 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
40 KB
6 adsrvr.org
data.adsrvr.org — Cisco Umbrella Rank: 6246
match.adsrvr.org — Cisco Umbrella Rank: 362
3 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 481
3 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 553
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
5 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
3 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 579
3 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 850
2 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1467
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
4 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
5 KB
5 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 70848
cookies.pn.vg — Cisco Umbrella Rank: 84405
api.pn.vg — Cisco Umbrella Rank: 88558
65 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2790
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 606
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 474
2 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1003
2 KB
4 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12225
1 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 922
trc.taboola.com
match.taboola.com
172 KB
3 bnmla.com
match.bnmla.com
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2147
822 B
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 2861
2 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 915
ad.turn.com — Cisco Umbrella Rank: 824
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 451
623 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1287
loada.exelator.com
3 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 640
845 B
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 893
2 KB
3 amazonaws.com
campaigns-ad.s3.eu-west-2.amazonaws.com — Cisco Umbrella Rank: 388338
68 KB
3 r7.com
barra.r7.com — Cisco Umbrella Rank: 372866
cms-media-api.r7.com — Cisco Umbrella Rank: 256595
18 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
624 B
2 crwdcntrl.net
sync.crwdcntrl.net
905 B
2 tns-counter.ru
www.tns-counter.ru
707 B
2 admaxium.com
admaxium.com — Cisco Umbrella Rank: 110562
pixel.admaxium.com — Cisco Umbrella Rank: 591189
35 KB
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14443
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5897
965 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3775
742 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 813
s.tribalfusion.com — Cisco Umbrella Rank: 2171
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 792
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1442
570 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1512
1 KB
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1149
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 800
718 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 13703
824 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 632
734 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1214
1 KB
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 452
954 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 897
802 B
2 betano.com
br.betano.com — Cisco Umbrella Rank: 97920
522 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
944 B
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5555
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
59 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
57 KB
2 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 29785
ui.cleverwebserver.com — Cisco Umbrella Rank: 30262
48 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3204
33 KB
1 opera.com
t.adx.opera.com
464 B
1 onetag-sys.com
onetag-sys.com
815 B
1 gumgum.com
rtb.gumgum.com
209 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 playground.xyz
ads.playground.xyz
466 B
1 agkn.com
aa.agkn.com
653 B
1 bluekai.com
tags.bluekai.com
422 B
1 inmobi.com
mweb.ck.inmobi.com
348 B
1 loopme.me
csync.loopme.me
402 B
1 iprom.net
core.iprom.net
279 B
1 truffle.bid
matching.truffle.bid
1 appier.net
gocm.c.appier.net
395 B
1 1xbet.com
br.1xbet.com
1 betboo.com
www.br.betboo.com
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
788 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1038
522 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1224
35 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1349
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 762
613 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 935
223 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3949
391 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 15324
70 B
1 adlook.me
ads.adlook.me — Cisco Umbrella Rank: 23039
337 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2011
426 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 541
679 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 771
727 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 5175
603 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 9650
362 B
1 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 1978
86 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 585
2 KB
1 bet365.com
members.bet365.com — Cisco Umbrella Rank: 67433
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5283
540 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5904
189 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1317
526 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 873
705 B
1 trustiseverything.de
trustiseverything.de
135 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
42 KB
0 pokerstars.ca Failed
www.pokerstars.ca Failed
0 resetdigital.co Failed
sync.resetdigital.co Failed
414 112
Domain Requested by
40 portaldogremista.com.br 1 redirects portaldogremista.com.br
cdn.pn.vg
38 tpc.googlesyndication.com googleads.g.doubleclick.net
portaldogremista.com.br
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
25 clickiocdn.com s.clickiocdn.com
23 pagead2.googlesyndication.com portaldogremista.com.br
pagead2.googlesyndication.com
campaigns-ad.s3.eu-west-2.amazonaws.com
googleads.g.doubleclick.net
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
22 simage2.pubmatic.com 2 redirects ads.pubmatic.com
ap.lijit.com
21 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
ap.lijit.com
us-u.openx.net
20 ce.lijit.com ap.lijit.com
us-u.openx.net
ads.pubmatic.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
14 x.bidswitch.net 13 redirects ads.betweendigital.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
portaldogremista.com.br
10 us-u.openx.net 2 redirects s.clickiocdn.com
ap.lijit.com
us-u.openx.net
10 fonts.gstatic.com fonts.googleapis.com
9 www.pinnacle.com 1 redirects campaigns-ad.s3.eu-west-2.amazonaws.com
www.pinnacle.com
9 image2.pubmatic.com ads.pubmatic.com
ap.lijit.com
9 fonts.googleapis.com portaldogremista.com.br
client
googleads.g.doubleclick.net
www.pinnacle.com
8 www.googletagservices.com s.clickiocdn.com
googleads.g.doubleclick.net
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
7 www.gstatic.com googleads.g.doubleclick.net
7 ads.betweendigital.com 2 redirects s.clickiocdn.com
ads.betweendigital.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
portaldogremista.com.br
6 s.amazon-adsystem.com 3 redirects ap.lijit.com
us-u.openx.net
6 match.prod.bidr.io 6 redirects
6 ib.adnxs.com 3 redirects s.clickiocdn.com
googleads.g.doubleclick.net
acdn.adnxs.com
5 token.rubiconproject.com 4 redirects
5 match.adsrvr.org 5 redirects
5 sync.1rx.io 5 redirects
5 pixel-sync.sitescout.com 5 redirects
5 um.simpli.fi 5 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 ap.lijit.com 2 redirects s.clickiocdn.com
ap.lijit.com
5 sb.scorecardresearch.com 1 redirects cdn.taboola.com
portaldogremista.com.br
4 pixel.onaudience.com 4 redirects
4 pixel.rubiconproject.com 1 redirects
4 a.sportradarserving.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 px.owneriq.net 3 redirects ap.lijit.com
4 rtb-csync.smartadserver.com 1 redirects
4 id.rlcdn.com 3 redirects
4 eus.rubiconproject.com s.clickiocdn.com
eus.rubiconproject.com
cache.betweendigital.com
4 ups.analytics.yahoo.com 3 redirects us-u.openx.net
4 www.google.com 1 redirects 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.ca pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 match.bnmla.com 3 redirects
3 an.yandex.ru 1 redirects
3 sync.bumlam.com 3 redirects
3 idsync.rlcdn.com 1 redirects us-u.openx.net
ap.lijit.com
3 pr-bh.ybp.yahoo.com 1 redirects us-u.openx.net
ap.lijit.com
3 ads.pubmatic.com ap.lijit.com
3 pixel.tapad.com 2 redirects us-u.openx.net
3 sync-tm.everesttech.net 3 redirects
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 unpkg.com 2 redirects portaldogremista.com.br
3 cdn.pn.vg portaldogremista.com.br
cdn.pn.vg
3 campaigns-ad.s3.eu-west-2.amazonaws.com portaldogremista.com.br
2 uipglob.semasio.net 1 redirects ap.lijit.com
2 visitor.fiftyt.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 www.tns-counter.ru 1 redirects
2 x01.aidata.io 2 redirects
2 pmp.mxptint.net 1 redirects ap.lijit.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ap.lijit.com
2 pm.w55c.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 px.adhigh.net 2 redirects
2 ad.turn.com 2 redirects
2 creativecdn.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 secure.adnxs.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 loadm.exelator.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 br.betano.com 1 redirects campaigns-ad.s3.eu-west-2.amazonaws.com
2 widget.us.criteo.com 2 redirects
2 dis.criteo.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 eb2.3lift.com 2 redirects
2 c.eu1.dyntrk.com 2 redirects
2 s0.2mdn.net 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net portaldogremista.com.br
2 static.criteo.net s.clickiocdn.com
static.criteo.net
2 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 cdn.taboola.com portaldogremista.com.br
cdn.taboola.com
2 barra.r7.com portaldogremista.com.br
1 t.adx.opera.com
1 onetag-sys.com cache.betweendigital.com
1 rtb.gumgum.com ap.lijit.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aa.agkn.com ap.lijit.com
1 aud.pubmatic.com ap.lijit.com
1 tags.bluekai.com ap.lijit.com
1 loada.exelator.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 br.1xbet.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 secure-assets.rubiconproject.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 www.br.betboo.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 pixel.admaxium.com admaxium.com
1 admaxium.com www.pinnacle.com
1 aax-eu.amazon-adsystem.com
1 ads.yahoo.com
1 px.ads.linkedin.com
1 sync.ipredictive.com 1 redirects
1 rtb.adentifi.com ap.lijit.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 lbs-ru1.ads.betweendigital.com ads.betweendigital.com
1 ads.adlook.me 1 redirects
1 d.turn.com 1 redirects
1 data.adsrvr.org 1 redirects
1 aorta.clickagy.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 bh.contextweb.com 1 redirects
1 p.rfihub.com 1 redirects
1 server.cpmstar.com 1 redirects
1 rtb.adstanding.com 1 redirects
1 cookie-matching.mediarithmics.com
1 eu-u.openx.net 1 redirects
1 acdn.adnxs.com s.clickiocdn.com
1 js-sec.indexww.com s.clickiocdn.com
1 members.bet365.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 mug.criteo.com
1 dsp.adkernel.com 1 redirects
1 ui.cleverwebserver.com portaldogremista.com.br
1 api.pn.vg cdn.pn.vg
1 pro.ip-api.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 scripts.cleverwebserver.com portaldogremista.com.br
1 alz-d.openx.net s.clickiocdn.com
1 htlb.casalemedia.com s.clickiocdn.com
1 fastlane.rubiconproject.com s.clickiocdn.com
1 prg.smartadserver.com s.clickiocdn.com
1 bidder.criteo.com s.clickiocdn.com
1 prebid.a-mo.net s.clickiocdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cookies.pn.vg cdn.pn.vg
1 cms-media-api.r7.com barra.r7.com
1 trustiseverything.de portaldogremista.com.br
1 s.clickiocdn.com portaldogremista.com.br
1 www.googletagmanager.com portaldogremista.com.br
0 www.pokerstars.ca Failed campaigns-ad.s3.eu-west-2.amazonaws.com
0 sync.resetdigital.co Failed ap.lijit.com
414 163
Subject Issuer Validity Valid
portaldogremista.com.br
cPanel, Inc. Certification Authority		 2022-05-07 -
2022-08-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.r7.com
DigiCert SHA2 Secure Server CA		 2022-01-02 -
2023-01-03		 a year crt.sh
*.s3.eu-west-2.amazonaws.com
Amazon		 2021-12-09 -
2022-11-24		 a year crt.sh
s.clickiocdn.com
R3		 2022-05-09 -
2022-08-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
trustiseverything.de
R3		 2022-07-07 -
2022-10-05		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
adlmerge.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.a-mo.net
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
bet365.com
Cloudflare Inc ECC CA-3		 2022-01-20 -
2023-01-19		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.mediarithmics.com
Gandi Standard SSL CA 2		 2022-02-10 -
2023-03-01		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-24 -
2023-02-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-06-23 -
2023-06-22		 a year crt.sh
pinnacle.com
Cloudflare Inc ECC CA-3		 2021-12-07 -
2022-12-06		 a year crt.sh
*.br.betboo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-24		 a year crt.sh
*.1xbet.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-18 -
2023-05-18		 a year crt.sh
truffle.bid
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh

This page contains 69 frames:

Primary Page: https://portaldogremista.com.br/
Frame ID: 03D207A04FA928C287A2CC88767240A4
Requests: 161 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Frame ID: 1504904AB14732766232B5D73DE53220
Requests: 1 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: E2E7F037527A38EF425B11A28581F2F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Frame ID: 13A7FC0C737F0B38EF03E57B225330B0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Frame ID: 816059687FE4AA3BC7EFE6526B7A73C2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Frame ID: 1E6B6A511B30C3150BC131B629646578
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Frame ID: F6D841E0CB21F495A950EA30B866F1B0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Frame ID: 917D52C5C72A67AC9D276CB5357573EB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&adk=1812271804&adf=3025194257&lmt=1658438779&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportaldogremista.com.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779992&bpp=1&bdt=1483&idt=1&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9af7e9d4157777b2-22c09d2cfed300f7%3AT%3D1658438779%3ART%3D1658438779%3AS%3DALNI_MbzUg-peVljAaWyNzxeXxB1iKHDJw&gpic=UID%3D0000064ced013d55%3AT%3D1658438779%3ART%3D1658438779%3AS%3DALNI_MbcqfaJScLhICtdEOEW5hV88JHSLQ&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280%2C407x280&nras=1&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=47
Frame ID: D657AE97578F9CE0B3A9832EB95CF6B1
Requests: 1 HTTP requests in this frame

Frame: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7466CBD8C2C80E4A717F17014EDBA8F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7CA215AC0BB74AD33CC78421AD6B5910
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Frame ID: EE0CCEBD37A8BA5436F5FFDD2AF42ECB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Frame ID: 4B711CFD9FDEF36A9C6E878FB2C14789
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Frame ID: 89226647F417562B723B85C409ED5680
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Frame ID: 14C449BD6A343797AA0EE9BF6EA48202
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Frame ID: FD5646213D816AFE575634E99FD06EB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Frame ID: EB7A41DE03492C93BAA68BC3582CC784
Requests: 5 HTTP requests in this frame

Frame: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FBD452DFAAE4FD833CE6166916346B7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhir18DHATAB&v=APEucNUvqdIy3-JySiY_0n6OvWy0PiyTWDqA94bPh_C9VF4OfEUQnODJ1rFdRl0n8L_g3QG-UJRCKRRZ_SSWOFE1_dOrNOdoQ_4jCVWiA2nV6zAfedBxAxs
Frame ID: 0B756F7EB20EDC1FA1DAC3518E2EC541
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 229FFB50FE7A5F54690B75F73989BB0B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EABFD50367557ED5D8C7C5EEE3E2A69E
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B3A2C2C200AFE6CE21C9EC38E1186A73
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Frame ID: 7D695B3C5E8E80213A519FE1B4CFE6CD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=portaldogremista.com.br&gdpr=0&gdpr_consent=
Frame ID: 2614F41067074843AD3D826664DCA62E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 76A2844597994B7FDBBB47396C9B1B15
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F27B0E612939AC4A308CACC433D8B08
Requests: 2 HTTP requests in this frame

Frame: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01105877&forcelp=1
Frame ID: E9F0C9958EDCE76A25BA221E9F7586F5
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Frame ID: 477224DCF4C94AA9EA0D3BBEB4B428F9
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AA2646035BB6DE0202707567B248B0C5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DFA54C18D089B0C4EBF293BC10AB42BE
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7B0338BEDBE7A9520778CEAAF3F5C4DA
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13397049
Frame ID: 64DACCB1BA7FEBE86008963FFBB76533
Requests: 21 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: E4DAAE9F2BD9F2F14552A1F8F2F2F5A9
Requests: 5 HTTP requests in this frame

Frame: https://br.betano.com/myaccount/ban/country-341629?alt=true
Frame ID: 7DDD0F63CB8BED4AFFAFDDF807EBE624
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7E7956C8890D455A844829A6689660CF
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: E84D85049A1729A16CFE1F0435E399B0
Requests: 23 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=6971036428562612664&gdpr=0&gdpr_consent=
Frame ID: 5114316533348DF881058E971326DE1F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: DE8A1F390A78BEFE83BA8AB234A06898
Requests: 9 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a7b2b130-db3b-53cb-8771-ccd7e5a808ac&CACHEBUSTER=256365
Frame ID: 55DF4C9C2DDD9BC7735040D61CC65DD6
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4037D016-2C66-4940-9812-C7174567D13D
Frame ID: 1E1AEF4F2033E81EBCB3CC9F1E544AFE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtnEfQAAn_xlmQBC&gdpr=0&gdpr_consent=
Frame ID: 571207E1A02EE047FDBFC15D0300E86A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Frame ID: AE0C92556E76B52922CEB3D502D38231
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADk7k7Fs4kAABDHqdomIA
Frame ID: E671BF9E36D153651BA0AEBA72DF9DEA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A98410D8E6157EE234AA1F78CCB128A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 634EBEE69B65414B25992739C063C2AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5756a4a-093b-11ed-868f-6822459fe7d7
Frame ID: 3B6E973524C1F6346656825733E38D9A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mumFESZZSeZpqJGrqQEdpJU4mbM
Frame ID: E4A325F05C732B722267F8243B411752
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
Frame ID: 77DF2068B8540EF941D969D79CB20042
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4037D016-2C66-4940-9812-C7174567D13D
Frame ID: 5AE1B780209BE18B1CBABD33A318C949
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681896148123
Frame ID: E655D3E77BA77BFCE30078C5AF5551A4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Nil6PUQc1OeDGD5&gdpr=0&gdpr_consent=
Frame ID: 79E53659F4FC7857E5FA2B796509D762
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0EA60F66493B2E45412CDF45A478E207
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7117251831628971547
Frame ID: 5B0699A33DA3B409679D9CABB073CF57
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=4037D016-2C66-4940-9812-C7174567D13D
Frame ID: 2CAAE8DB5829BAA2197499496F4DDBB6
Requests: 1 HTTP requests in this frame

Frame: https://www.pinnacle.com/?dvc=d
Frame ID: C522C9478D416EF2580067949AD61410
Requests: 11 HTTP requests in this frame

Frame: https://www.br.betboo.com/pt-br/mobileportal/bonuslandingpage?wm=5174560
Frame ID: CDC396E0AC1F8E2E4BA2BA7DC6FABE19
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 59B4801F1F1C084444CD3733C3A1A816
Requests: 3 HTTP requests in this frame

Frame: https://br.1xbet.com/?tag=d_733659m_97c_&site=733659&ad=97
Frame ID: 705C432AF0DD3F6AA4969FEE8404AC2D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=18d8cfd0-2742-42f9-9a6b-24e141643996-tuct9d34a02&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FFB45AC8806FC2383CE2D2AC5B18AAD7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eyFVawEsBvW_Zn9_g8TZYg
Frame ID: D49F48F25458C6C08226E091AACCD94D
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: F59F83B85805F7C5DD3BC5BBECE27121
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 6FEEA418461923E47CFA4E9CB2E7E62E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 281942B46CF83BBF5E2FB35CBFC89788
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=75bfc047-92d7-4fa0-b0f7-098b18354e2c
Frame ID: E72CEA8BA70559C31FCE4388329F4B1E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=7fd9f262-1ab9-45a0-8bd5-d45dc47da9c1
Frame ID: 8EB2A8E895FAB7A5FD3085D519D419E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
Frame ID: 41158235D3066E9FBE2094B858E9FEB3
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=4037D016-2C66-4940-9812-C7174567D13D
Frame ID: A78B045E85D5070D2B70050247F8848A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 8202B92254C8E0EFDC331F7F8B6D425B
Requests: 1 HTTP requests in this frame

Frame: https://www.pokerstars.ca/?siteid=184617
Frame ID: F24363D5032D65E50DA64E8ACA624AA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Portal do Gremista - As últimas notícias do Grêmio Foot-Ball Porto Alegrense.

Page URL History Show full URLs

  1. http://portaldogremista.com.br/ HTTP 307
    https://portaldogremista.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

414
Requests

78 %
HTTPS

25 %
IPv6

112
Domains

163
Subdomains

94
IPs

13
Countries

3799 kB
Transfer

10919 kB
Size

202
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portaldogremista.com.br/ HTTP 307
    https://portaldogremista.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://portaldogremista.com.br/wp-content/litespeed/localres/aHR0cHM6Ly93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RtLmpz?id=GTM-P8XNG7Q HTTP 302
  • https://portaldogremista.com.br/wp-content/litespeed/localres/7a40012a55d690ae256a69a8aaf9399b.js
Request Chain 59
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@2.1.4 HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
Request Chain 62
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1658438779409&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1658438779409&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&c9=
Request Chain 194
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1&gdpr=0&C=1
Request Chain 225
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtnEfbj0QU0iW7mhHOz6XAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoxOKNF-mztAlmOSN8dlNM&google_cver=1
Request Chain 227
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxODU5MTY5NzI3MDkxOTQ3Mw%3D%3D
Request Chain 237
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEvjBfT5YFoa6j-6cOSnTxs&google_cver=1&google_push=AehlK4AgxP3nhEEkuOGkTVjZctIJjk9_K2Kg-2K6epB-xMm1fBbEjH1rDNnbZCcnbLnYRvIAd1doTZ8NSZHCkcRR1u8CHJ-1k6ng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEvjBfT5YFoa6j-6cOSnTxs&google_push=AehlK4AgxP3nhEEkuOGkTVjZctIJjk9_K2Kg-2K6epB-xMm1fBbEjH1rDNnbZCcnbLnYRvIAd1doTZ8NSZHCkcRR1u8CHJ-1k6ng
Request Chain 238
  • https://um.simpli.fi/gp_match?google_gid=CAESEFXo44xv69VY7m1nxJFmfGQ&google_cver=1&google_push=AehlK4DFHR1y93NKm1PhqlzKxwFpYGX2OQopolH31CgPjJYhIN3FjLOdb26ijARcf39VDVxe8V9p3e5qCyD_zWtpsZP6bYBJhwoZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=27A3956640754A76B49E20A290474D7F&google_push=AehlK4DFHR1y93NKm1PhqlzKxwFpYGX2OQopolH31CgPjJYhIN3FjLOdb26ijARcf39VDVxe8V9p3e5qCyD_zWtpsZP6bYBJhwoZ
Request Chain 239
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHLc3IRCOmxsp3iBID8lx5w&google_cver=1&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9THbZmWmYOQ1gMg3im9 HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHLc3IRCOmxsp3iBID8lx5w&google_cver=1&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9THbZmWmYOQ1gMg3im9&prevuid=03030001_62d9c47d9efac&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9THbZmWmYOQ1gMg3im9&google_hm=MDMwMzAwMDFfNjJkOWM0N2Q5ZWZhYw%3D%3D
Request Chain 241
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFiCl2KbQwqBoz1GR-r6TmU&google_cver=1&google_push=AehlK4Cv9qlyQrdte_pNnI4FnbiXMKDegi3DemGiHn-y9wiDcOL5gFUGKQWc0jxCqFqI4neJYznwyDPFfNWGs8GUVO2BEHKZFx5h HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI3MTc0Mjk1NjY5NTE1NjM1MjI&google_push=AehlK4Cv9qlyQrdte_pNnI4FnbiXMKDegi3DemGiHn-y9wiDcOL5gFUGKQWc0jxCqFqI4neJYznwyDPFfNWGs8GUVO2BEHKZFx5h
Request Chain 242
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE7IYRMc2wKab22lmNvL_B4&google_cver=1&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YHs HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YHs&google_gid=CAESEE7IYRMc2wKab22lmNvL_B4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjM1MzQ2NjE1ODk5OTc5Njg5NDUy&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YHs
Request Chain 243
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKCm-CrOWjuWyo2F-AgS0FE&google_cver=1&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4SQuibJLI_V4P4TRS-zSBEc0VvWNPA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKCm-CrOWjuWyo2F-AgS0FE&google_cver=1&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4SQuibJLI_V4P4TRS-zSBEc0VvWNPA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wYWxUdU1sRTJ1RWpDNEd1dUxTV0hFX1gxUi5xVmd1VH5B&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4SQuibJLI_V4P4TRS-zSBEc0VvWNPA
Request Chain 257
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=portaldogremista.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldogremista.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=eNdzNHxVUlBaZ2R1SjhDSXFVUHpXb3BhcVRGUGZDWXdZVEJYVmtkUkFuUlgveGdGaUFhUjFzOGFERnUxUzJwS2MwTVJVNUNhSGQ5ZFpSa0E0OGVvbG5qcjhvQURqazB3M2pDQlVsbnZYL0JSWGVKQU5kMGhidGtNVDlsTHJPL2lvaGZwRytDTENTSC83UHVHSFpSUW43MWpYcEFoeGpjdWpGK0w0WkhBakFrZHhTR2JxZEZIQUl4ZXA2RlJHS041Uy9RcS9xS1JCK1ZRYVpQVTVSQmFqejBicUg2K0E0MEc1eHFIZ2poaE1mMCtiYWdGNkdSam5GYmdQSTJjWnVjRjE4cmZGa1ZHWGplL1hrM2x4dndVSFV6MnlkNDRNdmFzSXpuSVJTcXpNSk9jMnFtTT18&cppv=2
Request Chain 290
  • https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCP-I55YGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
Request Chain 291
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=ce132da1-9c53-0e12-183e-3631e706e04c
Request Chain 293
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=smartadserver&bidswitch_custom_parameter=824e41dc-f4bc-4f52-baa4-53baf67b1917 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=b8dfcc2a9069d2c2f906bb5f35302a87&expires=30&ssp=smartadserver&bsw_param=824e41dc-f4bc-4f52-baa4-53baf67b1917 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
Request Chain 294
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=00bbfae2-fa64-49c8-8f50-155991bf22b9&gdpr=0&gdpr_consent=
Request Chain 295
  • https://br.betano.com/?btag=a_8563b_888c_&affid=1654&siteid=8563&adid=888&c= HTTP 302
  • https://br.betano.com/myaccount/ban/country-341629?alt=true
Request Chain 297
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7117251831628971547&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 298
  • https://um.simpli.fi/lj_match?r=1658438783322&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=27A3956640754A76B49E20A290474D7F
Request Chain 299
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FA8GeBZHRIQBq3cVSgqpit1a&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Request Chain 300
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dfmx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=6CBctl8Z_jd12DiCB8XP0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
Request Chain 301
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=L5VJMOFY-I-MC9P&gdpr=0
Request Chain 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dd2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dd2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dd2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dd2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
Request Chain 303
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=979321826286578446
Request Chain 304
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=xto16yUfqB0S&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 305
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=90a8d79f-fd8f-4e0c-8e86-bc4ca8ee86c7
Request Chain 306
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=L5VJMOFY-I-MC9P&gdpr=0
Request Chain 307
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RkE4R2VCWkhSSVFCcTNjVlNncXBpdDFh&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 308
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FA8GeBZHRIQBq3cVSgqpit1a&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:955da31ab757ca66fbdba0443363509d
Request Chain 309
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AADk7k7Fs4kAABDHqdomIA&gdpr=0
Request Chain 310
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 311
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dxcLryIRWPBsHFujJBRCpCQVCqBsEVv0IxPtHXin
Request Chain 312
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkE4R2VCWkhSSVFCcTNjVlNncXBpdDFh&gdpr=0
Request Chain 313
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=6718591697270919473&gdpr=0&gdpr_consent=
Request Chain 314
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=
Request Chain 315
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1658438783722 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5860745990 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6c15e589-a89d-4d15-addc-613230561894 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
Request Chain 316
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=sFab3kS4UsLhqYOFfY0e&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 319
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=6971036428562612664&gdpr=0&gdpr_consent=
Request Chain 321
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7773997484991602581&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 322
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtnEfQAAn_xlmQBC
Request Chain 324
  • https://match.adsrvr.org/track/cmf/openx?oxid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6c15e589-a89d-4d15-addc-613230561894&ttd_puid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0&gdpr_consent=
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF--a0k8Xk1pCoWgnyKQmhk&google_cver=1
Request Chain 328
  • https://ads.adlook.me/csync?url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D%26callback_url%3Dhttps%253A%252F%252Flbs-ru1.ads.betweendigital.com%252Fmatch%253Fbidder_id%253D42122%2526external_user_id%253D%7BuserId%7D%2526external_matching%253D1%2526forward%253D0 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=9a9fb44889e541dba1ca7265e5ffb06b&callback_url=https%3A%2F%2Flbs-ru1.ads.betweendigital.com%2Fmatch%3Fbidder_id%3D42122%26external_user_id%3D9a9fb44889e541dba1ca7265e5ffb06b%26external_matching%3D1%26forward%3D0 HTTP 302
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9a9fb44889e541dba1ca7265e5ffb06b&external_matching=1&forward=0
Request Chain 329
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8eSJ8Xven0J.AikABlGCIqeTRw
Request Chain 335
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
Request Chain 336
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=dde4c9a5-5696-0cf9-154d-10dbf299fa86 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=dde4c9a5-5696-0cf9-154d-10dbf299fa86
Request Chain 338
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=8e5cc53f-c0d6-071e-00d5-08fef88e5a52 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a6d61ab81093dbd28217aad60461d81c00ab74fd965ca074f24ac978441c5ae791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1YTZkNjFhYjgxMDkzZGJkMjgyMTdhYWQ2MDQ2MWQ4MWMwMGFiNzRmZDk2NWNhMDc0ZjI0YWM5Nzg0NDFjNWFlNzkxNDI2YjU0MTdkY2UyMRAAGgwI_4jnlgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1YTZkNjFhYjgxMDkzZGJkMjgyMTdhYWQ2MDQ2MWQ4MWMwMGFiNzRmZDk2NWNhMDc0ZjI0YWM5Nzg0NDFjNWFlNzkxNDI2YjU0MTdkY2UyMRAAGgwI_4jnlgYSBAgCEABCAEoA&google_gid=CAESEM5PE_o8VbyDkSCDA4hOM3A&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=90089078-2027-4f7b-95c6-3cd1ba9fc9b6
Request Chain 339
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6718591697270919473
Request Chain 340
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=834cc624-113b-8a84-9fa2-0a9aa926f06a HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=834cc624-113b-8a84-9fa2-0a9aa926f06a&dcc=t
Request Chain 342
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4037D016-2C66-4940-9812-C7174567D13D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4037D016-2C66-4940-9812-C7174567D13D
Request Chain 343
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtnEfQAAn_xlmQBC&gdpr=0&gdpr_consent=
Request Chain 344
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Request Chain 345
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEazdrN0ZzNGtBQUJESHFkb21JQQ&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADk7k7Fs4kAABDHqdomIA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7589134343960758009 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADk7k7Fs4kAABDHqdomIA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7589134343960758009%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=7589134343960758009&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADk7k7Fs4kAABDHqdomIA
Request Chain 347
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5756a4a-093b-11ed-868f-6822459fe7d7
Request Chain 349
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mumFESZZSeZpqJGrqQEdpJU4mbM
Request Chain 350
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005&rndcb=5411583913 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5f99702f-61cb-4d3b-8675-6ec26ff0003c&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/b6c1429b-d719-4fbe-8065-3422a031d8a8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
Request Chain 351
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=610ef577-0522-4323-a68d-73f1401af6ce&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4037D016-2C66-4940-9812-C7174567D13D
Request Chain 352
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681896148123
Request Chain 353
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Nil6PUQc1OeDGD5&gdpr=0&gdpr_consent=
Request Chain 354
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 355
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7117251831628971547
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QDfQFixmSUCYEscXRWfRPQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 358
  • https://idsync.rlcdn.com/420486.gif?partner_uid=4037D016-2C66-4940-9812-C7174567D13D HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8e5cc53f-c0d6-071e-00d5-08fef88e5a52
Request Chain 359
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=794d62d9-c47f-4200-9ebd-a39e0b32cfeb
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDAzN0QwMTYtMkM2Ni00OTQwLTk4MTItQzcxNzQ1NjdEMTNE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHMTrdvaExvDvoWWSHUFhnc&google_cver=1
Request Chain 362
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
Request Chain 363
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6971036428562612664&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 364
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c15e589-a89d-4d15-addc-613230561894
Request Chain 366
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4037D016-2C66-4940-9812-C7174567D13D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oleOwFBE2uX36LH1MB4pKl5nd1ZgFj8-~A&gdpr=0&gdpr_consent=
Request Chain 368
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c57dce67-093b-11ed-bb74-d59dad38b406&gdpr=0&gdpr_consent=
Request Chain 369
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=76e2a3d6ec801207&is_secure=true&networkId=17100&version=1&nuid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZ5nSlOm1wgNOmJO1AAAAAAA&expiration=1658525184&nuid=4037D016-2C66-4940-9812-C7174567D13D&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 370
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6718591697270919473&gdpr=0&gdpr_consent=
Request Chain 371
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_
Request Chain 372
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5f99702f-61cb-4d3b-8675-6ec26ff0003c&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 374
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F361F25A_4AEFCE2D&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 375
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4888899322891537058
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Db6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=794d62d9-c47f-4200-9ebd-a39e0b32cfeb&expires=30&ssp=between&bsw_param=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b6c1429b-d719-4fbe-8065-3422a031d8a8
Request Chain 379
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5VJMOFY-I-MC9P
Request Chain 380
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRiMzY0ZWFjZDM3NWFjZWI2ZDVhZDdhZDcyZDRlMWUwODIxMGM3Yg
Request Chain 381
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/l7sp8pv-Sza68Q6w7Q1LnQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6441591213188364225
Request Chain 382
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5VJMOFY-I-MC9P&sigv=1&esig=2~48a253236c804e5e61d0abae5ab7d0fc6ecff23d
Request Chain 383
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 384
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Qk-Zl3AKTT6G-XJ7tvKwuQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qk-Zl3AKTT6G-XJ7tvKwuQ
Request Chain 385
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=&expires=30
Request Chain 387
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiAieeWBqIBEMXX1rIJOxHtoEQAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c5d7d6b2-093b-11ed-a044-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c5d7d6b2-093b-11ed-a044-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=nCP5qR1LeoDY4SSEsRNEZA& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/c5d7d6b2-093b-11ed-a044-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/c5d7d6b2-093b-11ed-a044-002590c82437?redir-setuniq=1
Request Chain 388
  • https://www.pinnacle.com/?dvc=d&btag=a_27754b_17506c_&refer=XAFF5905 HTTP 302
  • https://www.pinnacle.com/?dvc=d
Request Chain 401
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 403
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/256365 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/256365
Request Chain 406
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L5VJMOFY-I-MC9P HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L5VJMOFY-I-MC9P
Request Chain 407
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=18d8cfd0-2742-42f9-9a6b-24e141643996-tuct9d34a02&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 408
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eyFVawEsBvW_Zn9_g8TZYg
Request Chain 411
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 412
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=75bfc047-92d7-4fa0-b0f7-098b18354e2c
Request Chain 413
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=27A3956640754A76B49E20A290474D7F HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=F1CFB0C7524F409E82D4F247506EDC12 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=7fd9f262-1ab9-45a0-8bd5-d45dc47da9c1
Request Chain 414
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
Request Chain 416
  • https://pixel.onaudience.com/?partner=214&mapped=4037D016-2C66-4940-9812-C7174567D13D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=7e729edbb67a9e769e4d30a4c9dd28ed&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50b7b2a39d9d62ad/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=50b7b2a39d9d62ad/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=aad582c9999e588eba7264f3ef52438b&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=91368560e61038d1
Request Chain 417
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4037D016-2C66-4940-9812-C7174567D13D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4037D016-2C66-4940-9812-C7174567D13D&addseg=10,33,39
Request Chain 418
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4037D016-2C66-4940-9812-C7174567D13D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4037D016-2C66-4940-9812-C7174567D13D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 420
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6718591697270919473
Request Chain 421
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7771bb90-6e08-42e3-930e-f1f0f51aa69b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 423
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a7b2b130-db3b-53cb-8771-ccd7e5a808ac&expires=60 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=b6c1429b-d719-4fbe-8065-3422a031d8a8&expires=30
Request Chain 425
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fa7b2b130-db3b-53cb-8771-ccd7e5a808ac HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/a7b2b130-db3b-53cb-8771-ccd7e5a808ac
Request Chain 427
  • https://www.pokerstars.pt/?source=19733757&btag=a_184617b_6409c_&siteid=184617 HTTP 301
  • https://www.pokerstars.ca/?source=19733757&btag=a_184617b_6409c_&siteid=184617 HTTP 301
  • https://www.pokerstars.ca/?siteid=184617

414 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portaldogremista.com.br/
Redirect Chain
  • http://portaldogremista.com.br/
  • https://portaldogremista.com.br/
127 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
89956c77c2b3c3b116fdf62197402e3936b4fbeb67b17cd6b6c3a123d5e8c816
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
cross-origin
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
23351
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:18 GMT
etag
"105318-1658437229;br"
expect-ct
max-age=7776000, enforce
link
<https://portaldogremista.com.br/wp-json/>; rel="https://api.w.org/"
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
SAMEORIGIN
x-litespeed-cache
hit
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://portaldogremista.com.br/
Non-Authoritative-Reason
HSTS
js
www.googletagmanager.com/gtag/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-133663011-1
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7da19b0ce70416adc6608bf1bc1feb46f27068a5020475ae52d1de7f638589e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42024
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Jul 2022 21:26:18 GMT
style.min.css
portaldogremista.com.br/wp-includes/css/dist/block-library/ 		81 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
10549
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2022 02:07:19 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
chaty-front.min.css
portaldogremista.com.br/wp-content/plugins/chaty-pro/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/plugins/chaty-pro/css/chaty-front.min.css?ver=16575745062.9.3
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
789425f7e69737cacc8b77b6ce616f28524d1cf868aecb6562bfc0187cd92768
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
4266
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jun 2022 17:31:07 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
tlpteam.css
portaldogremista.com.br/wp-content/plugins/tlp-team/assets/css/ 		152 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/plugins/tlp-team/assets/css/tlpteam.css?ver=4.1.1
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
f07774464783287d26cf8328f845e857bff75ea915393dfb60d41ef816fc22a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
18600
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jun 2022 17:39:06 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
team-sc.css
portaldogremista.com.br/wp-content/uploads/tlp-team/ 		7 KB
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/uploads/tlp-team/team-sc.css?ver=1649538486
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
8906ac8419fe977cfcca08c74ba82918e5bb4a6b586aa73a6e49df5332b9b4c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
762
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Apr 2022 21:08:06 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
style.css
portaldogremista.com.br/wp-content/themes/publisher-child/ 		2 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/themes/publisher-child/style.css?ver=1.0.0
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
d8e700ce1ada85b681de99ef8769f65d77a757c6de3584f4956acc1d5cb7a600
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
593
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Dec 2021 13:03:38 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rajdhani:400,500,700,600%7COswald:400,500,600,700&display=swap
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
038b968f63c82a59daf5159a867d2fffcbef9a17ed70ac7afb31b68bbc8c61b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:26:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:18 GMT
frontend-gtag.min.js
portaldogremista.com.br/wp-content/plugins/google-analytics-premium/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.1.0
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
2997
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Nov 2021 23:16:48 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
jquery.min.js
portaldogremista.com.br/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
30273
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 15 Jan 2022 03:54:17 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
barra.js
barra.r7.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/barra.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.29.128.58 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f326544f98de4504d38864885e3b6ed93f8ff715a3bec93f57b7ad8d63bb6322

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:18 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 17:36:59 GMT
server
AkamaiNetStorage
etag
"470397fd322539b7704853de4cf44b1b:1651772219.243933"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=476151
accept-ranges
bytes
content-length
8678
15d38ae307b9fe87cd39f1b5fb8229f0.js
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
2a4bdd889e30034c40f7e3d4c07b1eb1500e5dbe44c6b2e568dead283a53d9a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:20 GMT
Last-Modified
Wed, 13 Jul 2022 16:11:25 GMT
Server
AmazonS3
x-amz-request-id
NJ83TXRDB6V2GMNN
ETag
"038170ea32895f7f5f2a72f646a0e671"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
22531
x-amz-id-2
OVRFOjs5hnoOBSFRMawJHuAZSPoL0z4T4+bopXVsXknQ0lo6xY60BV1MGYKs7NGXEZHFQ/n58Nc=
069954deaac0623c330197f8cff4af53.css
portaldogremista.com.br/wp-content/bs-booster-cache/ 		716 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/bs-booster-cache/069954deaac0623c330197f8cff4af53.css
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
058527a39f8569e933dd23fac5314ef6243b67e508737e720a82cf54e94b5a0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
98678
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Jul 2022 20:49:45 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
c9f4cd0bdb1c94f673d18cd09ae50ebe.css
portaldogremista.com.br/wp-content/bs-booster-cache/ 		55 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/bs-booster-cache/c9f4cd0bdb1c94f673d18cd09ae50ebe.css
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
0d6fa6d1faf6c13601a670968cbdbfc5183636a7a4ca24f0f39cc0530f99d2b5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
6604
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 01:37:32 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
360_light.js
s.clickiocdn.com/t/221287/ 		514 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.clickiocdn.com/t/221287/360_light.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.115.26 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
971830061a28e04bf19815ec7efb75fecdea260b88ee19f47060494fd73f1603

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
server
nginx/1.14.0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
iseu
noneu
cache-control
max-age=60
expires
Thu, 21 Jul 2022 21:27:19 GMT
a5fed89b-5105-42ae-a786-711eb878c453.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/a5fed89b-5105-42ae-a786-711eb878c453.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3c63ce277681cdd522d031dd6a60eede212b7d7429d6dba3ab7a23f864387e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P4
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Jul 2022 00:48:11 GMT
server
cloudflare
etag
W/"d19e4dc7723c35fef5486e9877dca07e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPrCnx7icTS%2FWWzregfytt0W7zL%2ByG2OfkGOxATj6aQSe%2F3NMOu67%2FiY1M0DA5AxQrts1%2FA7YBu2yhc59%2FybWw1KZYwSvjkI6dFoIVkOpqv1K2djWRjT4D6%2FTMIXUE3Tro2PnBxOzSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
72e703a17fb87151-YUL
x-amz-cf-id
iWqm5GT-qjwOAlogx3V4B7zTSL4yRTlRDjFKKk4nYvYVJJazc8TYcw==
portal-gremista-logo-desktop.png.webp
portaldogremista.com.br/wp-content/uploads/2021/11/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2021/11/portal-gremista-logo-desktop.png.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
cc4f04c77a179cc621c2aabc59873cce0847d9409a91ec95997f9a7f16216d4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
5618
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Feb 2022 00:16:34 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
portal-gremista-logo-mobile.png.webp
portaldogremista.com.br/wp-content/uploads/2021/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2021/11/portal-gremista-logo-mobile.png.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
703ed3ec5bac1994e42cbcf08eb865388e582eadcda6bf2cf8799f4dc7b3e6f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
3356
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Feb 2022 00:17:35 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc08ad89782ec0cd78995d13407e231fac863bdde95861e57b9d33990b769417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50769
x-xss-protection
0
server
cafe
etag
7660015502648557223
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 21:26:19 GMT
karma.js
trustiseverything.de/karma/ 		186 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trustiseverything.de/karma/karma.js?karma=bs?nosaj=faster.mo
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.61.204.169 , Austria, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.crypto-webminer.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8c27078f54f472c79e0651d18b9b4bf9bf63b9b781ad524f9816f83829bdfd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
etag
"0bcc1974377d81:0"
last-modified
Fri, 03 Jun 2022 12:15:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache,max-age=86400
accept-ranges
bytes
content-length
138247
instant_click.min.js
portaldogremista.com.br/wp-content/plugins/litespeed-cache/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=4.6
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1167
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Apr 2022 18:12:47 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
cross-origin
vary
Accept-Encoding
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
3d623516071a080224139761b80fc446.js
portaldogremista.com.br/wp-content/litespeed/js/ 		328 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/litespeed/js/3d623516071a080224139761b80fc446.js?ver=0b49c
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
cc0297016486d68097047f819a2eb0bf5085c4ec93d3c9cc527af688a304bb2e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
91750
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Jul 2022 13:07:10 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
7a40012a55d690ae256a69a8aaf9399b.js
portaldogremista.com.br/wp-content/litespeed/localres/
Redirect Chain
  • https://portaldogremista.com.br/wp-content/litespeed/localres/aHR0cHM6Ly93d3cuZ29vZ2xldGFnbWFuYWdlci5jb20vZ3RtLmpz?id=GTM-P8XNG7Q
  • https://portaldogremista.com.br/wp-content/litespeed/localres/7a40012a55d690ae256a69a8aaf9399b.js
2 KB
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/litespeed/localres/7a40012a55d690ae256a69a8aaf9399b.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
e8f2ded5d74c0ee5f427a20b6715e65bc79ed5c4fc67fb00d89005515c8efe63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 21:26:19 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT

Redirect headers

date
Thu, 21 Jul 2022 21:26:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-redirect-by
WordPress
x-litespeed-cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-litespeed-tag
b4a_HTTP.302
content-length
0
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
location
https://portaldogremista.com.br/wp-content/litespeed/localres/7a40012a55d690ae256a69a8aaf9399b.js
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
cross-origin
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
expires
Sat, 22 Jul 2023 03:26:19 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133663011-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3647
date
Thu, 21 Jul 2022 20:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Jul 2022 22:25:32 GMT
css
fonts.googleapis.com/ 		6 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:15:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:19 GMT
6272b8fa4b495528e7000650
cms-media-api.r7.com/menu/ 		34 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cms-media-api.r7.com/menu/6272b8fa4b495528e7000650
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/barra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.29.128.58 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-58.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4d0e0669b57b5b1be47950e87a6926f2ea2e191c67ebe4509b2657853119db03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:19 GMT
Content-Encoding
gzip
ETag
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
!no-store, must-revalidate, max-age=120
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4225
loader.js
cdn.taboola.com/libtrc/portaldogremista-network/ 		404 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/portaldogremista-network/loader.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ecd3e6ce7bbf468386dcf69184be2a06d6565a5937b82290f6d5056e8f7fd66a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
Pdjtva1LaX_gKKx6Fpo1nfF1BqHeWt0X
content-encoding
gzip
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
8
content-length
31743
x-amz-id-2
egRftjwIiyZoHUedJKqurVT9x5JBBYD9x3FkH+P2NKngpQUVuS0wq2Jjp/V95h2qV7mNmUfVO7g=
x-served-by
cache-yul12823-YUL
last-modified
Thu, 21 Jul 2022 21:26:19 UTC
server
nginx
x-timer
S1658438779.099416,VS0,VE32
etag
"7e0a2606d973f0e83310fb8e3dfc050698cc5cd8"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
99THAZY6MBAF7K0H
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Thu, 21 Jul 2022 21:26:19 GMT
abp
23
x-cache-hits
0
LDI2apCSOBg7S-QT7pa8FvOreec.woff2
fonts.gstatic.com/s/rajdhani/v15/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pa8FvOreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,700,600%7COswald:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldogremista.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 08:56:17 GMT
x-content-type-options
nosniff
age
217802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:41:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jul 2023 08:56:17 GMT
LDIxapCSOBg7S-QT7p4HM-Y.woff2
fonts.gstatic.com/s/rajdhani/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDIxapCSOBg7S-QT7p4HM-Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,700,600%7COswald:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldogremista.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 10:21:39 GMT
x-content-type-options
nosniff
age
212680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14976
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:42:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jul 2023 10:21:39 GMT
fontawesome-webfont.woff2
portaldogremista.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/wp-content/bs-booster-cache/069954deaac0623c330197f8cff4af53.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portaldogremista.com.br/wp-content/bs-booster-cache/069954deaac0623c330197f8cff4af53.css
Origin
https://portaldogremista.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
77160
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 15 Jan 2022 04:00:25 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,700,600%7COswald:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldogremista.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 21:14:53 GMT
x-content-type-options
nosniff
age
259886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17908
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 21:14:53 GMT
profiles.js
barra.r7.com/tailtarget/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/tailtarget/profiles.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.29.128.58 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-58.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 17:36:59 GMT
server
AkamaiNetStorage
etag
"8004950a941b96d9c812191aaaa6ce00:1651772219.412907"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=570752
accept-ranges
bytes
content-length
5253
load.js
widget.perfectmarket.com/portaldogremista-network/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/portaldogremista-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldogremista-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
914cfa75ca8aa1b616b0579966dbd93b5de64178b288de9de4a03eaddf17c239

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
.Pa56C71e_MKgWG3.uGnijX3LiyNqLcR
content-encoding
gzip
etag
"b790ab06264d6ab02e2e6d7d08b935d8"
age
0
x-cache
HIT, HIT
content-length
1136
x-amz-id-2
gMwozJ+c2o2iS/WKvvfPbNk6SgvFp/tv3hu83TW6x6xZBXalK0s0QlbGRFaUz5M7xkT5ThTmTF8=
x-served-by
cache-lax10643-LGB, cache-yul12828-YUL
last-modified
Tue, 19 Jul 2022 11:27:47 GMT
server
AmazonS3
x-timer
S1658438779.199180,VS0,VE156
date
Thu, 21 Jul 2022 21:26:19 GMT
vary
Accept-Encoding,,
x-amz-request-id
NWPNDA4XHC0W2ZN7
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
2, 1
impl.20220721-4-RELEASE.js
cdn.taboola.com/libtrc/ 		675 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220721-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldogremista-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d1a9a355b83f3a1801cd0c85f82ed63932b9539110e91e696c713dc6d42b9714

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
plBfaEVB5yytNJ4.XQUTYJc4EI3V8icg
content-encoding
br
etag
"1e7b4d1a47b1cb0e1c699604907902ac"
age
16730
x-cache
HIT
content-length
142546
x-amz-id-2
AWWH/T0M299bw+rfcM1Hs3aEa1OohTqH6OHxSVhujwKkgyYt+Skb96EZTtFHmaxPf8Xl6wTvSJY=
x-served-by
cache-yul12823-YUL
last-modified
Thu, 21 Jul 2022 08:46:00 GMT
server
AmazonS3-br
x-timer
S1658438779.169332,VS0,VE0
date
Thu, 21 Jul 2022 21:26:19 GMT
vary
Accept-Encoding
x-amz-request-id
6GQQ6XPKHHHXEXH9
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
95
x-cache-hits
130633
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldogremista-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-105.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:16:02 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
18638
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
CFXczgIMqejzvVsNBBSgIznG4cC0aMvh-wtBz-EGs5mMTlc49nmO6w==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldogremista.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 19:32:38 GMT
x-content-type-options
nosniff
age
93221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 19:32:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/ Frame 1504 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 17:41:30 GMT
etag
8616628553774171045
expires
Thu, 04 Aug 2022 17:41:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ilabspush.min.js
cdn.pn.vg/push/ 		183 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/a5fed89b-5105-42ae-a786-711eb878c453.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05d32ca57950965e8e862309e4ee5402393526bea838fb7c0fee92d3cf9886c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6137
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 01 Jul 2022 10:46:38 GMT
server
cloudflare
etag
W/"54fa8223c21e35ac72ac23c1bcec34fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6WpqxPVoZhzbngnI9o02iitjN7IqhhIhjYPudepxM5kjYI1dKH1bFXuY4u5%2BzX3x7ySifjL6eQ9Ak5Rd66Tsoaxcode%2Bcs%2FuaYc1XbD8Jd13q7X96pSrjvuLW8Z7nlCp9fiiwg1hYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
x-amz-cf-pop
EWR53-P1
cf-ray
72e703a24b5f7133-YUL
x-amz-cf-id
o_KZd6ZGfWzoFXQsW--zGWvqDw0wVYXaKXmeZHowcU15ddn1WHpwkw==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 		337 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd2de78029a38bc5f756b3bff440e9845c551a13160ed1921d20c949bf933d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121456
x-xss-protection
0
server
cafe
etag
14328431062910417426
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 21:26:19 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Jul 2022 22:22:06 GMT
gremio-roger-machado-2-750x430.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/gremio-roger-machado-2-750x430.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
895c6d3e32d1e6c3f492a3a64eaef875223358f512f54fb8320e4c23442c6ed0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
18094
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 20:58:39 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
gremio-torcedor-torcida-gremista-279x220.jpeg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/gremio-torcedor-torcida-gremista-279x220.jpeg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
c112530e70aa5400d40fa893addec873e936f3eb5bbeb641cbe1518c24037cc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
19028
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 20:49:59 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
matheus-frizzo-gremio-279x220.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/05/matheus-frizzo-gremio-279x220.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
4b59a4348d141d34b729074045efc869d19e259acf22c05fcc971504fde83196
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
7722
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 May 2022 15:07:20 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
mario-fernandes-ex-gremio-279x220.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/06/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/06/mario-fernandes-ex-gremio-279x220.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
f6b41b2dbdf5ec7ce02245aa4fcfcae94546874fcbe2e3551e2c6781ec633fdf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
11554
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Jun 2022 12:45:59 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
gremio-ferreira-1-279x220.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/gremio-ferreira-1-279x220.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
c7e82d176c9739680a2dc4115b9b730bffe4c38e89da059154f0d5a865b80a4f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
10308
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 19:42:31 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
Brenno-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2021/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2021/10/Brenno-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
17918c467ab1da5d27d00e83a8fda57ad4c4686fa6d32fb2d3160a581ad8e5fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
8804
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Oct 2021 13:26:39 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
fonts.gstatic.com/s/rajdhani/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF_Oreec.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rajdhani:400,500,700,600%7COswald:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://portaldogremista.com.br
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 01:02:35 GMT
x-content-type-options
nosniff
age
246224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jul 2023 01:02:35 GMT
arena-gremio-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/06/arena-gremio-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
8372f2311549cbfb9d4dec11f9fbf27aa778241e2292e55f430e87534cc7cf27
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
20572
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Jun 2022 17:51:49 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
ferreira-gremio-alvo-flamengo-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/06/ferreira-gremio-alvo-flamengo-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
286ff0083346b35d6d3e9d86eb7621b216e70d8729dcd50905c9bd7a99eadcdd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
7092
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jun 2022 19:20:02 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
gremio-Arthur-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2021/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2021/12/gremio-Arthur-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
b9f9a255c0bddd876a75f34208d5611bddd545f9ceda5d1e3906da9a5136950f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
6698
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Dec 2021 22:50:02 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
campaz-gremio-2-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/campaz-gremio-2-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
06f75416dd96838daf46a10e5cc706d3ac80b41507b22b5611d8c90d15eb1a69
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
12236
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 18:39:19 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
guerrinha-comentarista-gaucha-gremio-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/guerrinha-comentarista-gaucha-gremio-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
c7a3344c158a9a67ea9fbbe6dde6e540634005087b23e38eff5d7982593d4f01
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
6906
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 18:07:30 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
bitello-gremio-x-ponte-preta-serie-b-2022-357x210.png.webp
portaldogremista.com.br/wp-content/uploads/2022/04/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/04/bitello-gremio-x-ponte-preta-serie-b-2022-357x210.png.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
5cce4ad8da7ea35d0b8518a1c5d78dac045bf37a24e8fccc0b87f890a9b476e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
16650
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Apr 2022 12:53:08 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
gremio-x-ponte-preta-historico-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/gremio-x-ponte-preta-historico-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
c9d1e80c44ec1f59aa0b10726ccf869c795f01048bed1a20fcc4a4754a3acba0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
10980
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 17:11:33 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
narrador-pedro-ernesto-denardin-gremio-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/narrador-pedro-ernesto-denardin-gremio-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
53d7ce0a8bc5f759495bb3d75ff3df894b4cf9d9262db76c80401864594fe59d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
10180
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 15:22:40 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
lucas-leiva-gremio-6-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/06/lucas-leiva-gremio-6-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
295c24e88eeeccd792f9168cc3316b11b3b1cffa1c125d33ad5fd30fb2660c1d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
10488
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Jun 2022 21:28:07 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
pedro-ernesto-denardin-jornalista-narrador-gaucha-gremio-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/pedro-ernesto-denardin-jornalista-narrador-gaucha-gremio-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
5c820d42d568e6ad697041d73d2ee63362d558a757d62289dcf16ec8750b1ae1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
7466
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 15:35:27 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
maxi-lopez-ex-gremio-dono-clube-ingles-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/maxi-lopez-ex-gremio-dono-clube-ingles-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
a3393afd6c8ae41da45ff84dcf221154ad51e7b43fd02c276a72f0bba081f4ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
8578
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 15:28:37 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
zinho-base-gremio-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/zinho-base-gremio-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
f302c34fc9a685af679b05287321c6d0c09336e60db48ca5943cee4e3498dc8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
11610
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Jul 2022 15:14:55 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
rildo-gremio-sao-luiz-escalacao-arbitragem-357x210.png.webp
portaldogremista.com.br/wp-content/uploads/2022/02/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/02/rildo-gremio-sao-luiz-escalacao-arbitragem-357x210.png.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
84aa8d47d39a80b06c28f29f78072dff4a0f4a5a4fbc688a774c20ddf414d278
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
22390
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 20 Feb 2022 00:29:54 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
web-vitals.umd.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@2.1.4
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15707614
fly-request-id
01FSX6GNMHG61XC2EVA2S5CEWB
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72e703a4ca3f7154-YUL

Redirect headers

date
Thu, 21 Jul 2022 21:26:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FSX6HZMM34P8FW25PGXYVGD6
server
cloudflare
age
15707571
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72e703a368417154-YUL
access-control-allow-origin
*
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c3d1b4a331e7c3ff01be9d2d63e355141270d29e859ee07eca10c18269c295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28349
x-xss-protection
0
server
sffe
etag
"1280 / 70 of 1000 / last-modified: 1658401714"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Jul 2022 21:26:19 GMT
/
clickiocdn.com/hbadx/ 		46 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_nf09n07idc91lb5p&rt=877933051&site_id=221287&title=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&l=https%3A%2F%2Fportaldogremista.com.br%2F
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
febc3fa3771af82aef3ba5f45e65010ba6330762634fc27ec6e2e1469733f6f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
server
nginx/1.16.0
iseu
noneu
content-type
text/html; charset=ISO-8859-1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1658438779409&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C3...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1658438779409&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1658438779409&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&c9=
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Server
13.225.223.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-105.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
via
1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
easJjzl2gxQLKIZPborAUl588PWiUO3hx3UzsB8uEn1CK5W8Npq1bA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1658438779409&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&c9=
date
Thu, 21 Jul 2022 21:26:19 GMT
via
1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
content-length
0
x-amz-cf-id
AprLuKDVAtpVuuI70DziavqPuVnXMX2XRsmDifsR9XxaHTDzenhAjQ==
x-cache
Miss from cloudfront
thaciano-gremio-2-357x210.jpg.webp
portaldogremista.com.br/wp-content/uploads/2022/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/07/thaciano-gremio-2-357x210.jpg.webp
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
f5ba8c34d9b136f92cc662befc08ab6aeed6ed89c62c3e727f2218f52551bd87
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
17168
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Jul 2022 17:59:35 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:19 GMT
pushnews-sw.js
portaldogremista.com.br/ 		62 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/pushnews-sw.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:16 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
62
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 10 Jan 2020 11:22:34 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:16 GMT
cookie.html
cookies.pn.vg/ Frame E2E7 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.pn.vg/cookie.html
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
72e703a4cc897151-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 21:26:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Fri, 08 Oct 2021 14:22:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48dCxU5cFUoUpeBT51XPMcTCkE4wBMDfnKAp7PIRzff%2FgluvrP0sXs5wUbHYkYckcMUEy8xCupRSufgicSdqi%2BoR1X85Iy6Zzzz7%2BZB%2Beo2feIevfLOYr2ZKn7BLGcZsR%2BlfYkjJzIDR54OL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 70641f5df56ba9a18ec1e10fa85bf5ef.cloudfront.net (CloudFront)
x-amz-cf-id
0LNBoEzTCt4fRRgvx6IashvdiDfaW9oF-dor666-eJ9S9uRTV0-0dA==
x-amz-cf-pop
EWR52-C4
x-cache
Hit from cloudfront
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=476004918&t=pageview&_s=1&dl=https%3A%2F%2Fportaldogremista.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=696681139&gjid=1061546746&cid=165002721.1658438779&tid=UA-133663011-1&_gid=247935224.1658438779&_r=1&gtm=2ou7i0&did=dZGIzZG&gdid=dZGIzZG&z=119989143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pmk-202010011.2.js
widget.perfectmarket.com/portaldogremista-network/ 		118 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/portaldogremista-network/pmk-202010011.2.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/portaldogremista-network/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5fcc4a55fa9956cc18618f6e31c5a6e931c7cc6946a804706c4099296ff1540

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
qwxx7v86zhSL.Lew1Nlkcq_2R3nkVbAx
content-encoding
gzip
etag
"6635d2fc341d2727f558b1c586668112"
age
208703
x-cache
HIT, HIT
content-length
32412
x-amz-id-2
EVo1bNymMFlBlwVolpSt3ck3raVRsNLQynZQ/NDEPvpGEHnUitNWOEa1n+ZRs9i43lLdWm7jnxw=
x-served-by
cache-lax10660-LGB, cache-yul12828-YUL
last-modified
Tue, 19 Jul 2022 11:27:47 GMT
server
AmazonS3
x-timer
S1658438780.651092,VS0,VE1
date
Thu, 21 Jul 2022 21:26:19 GMT
vary
Accept-Encoding,,
x-amz-request-id
1TQADJJXP8SEVCY7
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
cookie.js
partner.googleadservices.com/gampad/ 		413 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=portaldogremista.com.br&callback=_gfp_s_&client=ca-pub-9769021838213495&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
2d0ebd73c19ff527d880dfa57be81f59368fe52492ba014923e94e7d69ec9c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13A7 		96 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7173a88fbac153d84a3b6da88a4bf1b4f6f38f3a5894e95d398af4929bf62050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32936
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-133663011-1&cid=165002721.1658438779&jid=696681139&gjid=1061546746&_gid=247935224.1658438779&_u=aGBAAUIgAAAAAC~&z=1230613439
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 21 Jul 2022 21:26:19 GMT
content-type
text/plain
access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8160 		93 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42565e7d3e98a84e4fb2b400338f1673263f2dce7a114010085618f21ad87e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32290
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bid
ap.lijit.com/rtb/ 		94 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.0-pre
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
842086803d805d35b198da3c0bbe2a5da5d034d42886250656eb39f2bd927982

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Jul 2022 21:26:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://portaldogremista.com.br
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5347458d046e7e220d74620ec028eb54328d467519d4575802d0d3393bd60f2d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:19 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ca19f77-d52e-43b1-8f8c-7b71966b7d98
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://portaldogremista.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://portaldogremista.com.br
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		18 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.0-pre&cb=49059221653
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portaldogremista.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ 		981 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
3f019d3037b4b1fc9477e2001bbd212ea7670075bbb03a4eaddd7ecdd8d4f35b

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1969370&size_id=2&alt_size_ids=43&rp_schain=1.0,1!clickio.com,145540,1,,,&rf=https%3A%2F%2Fportaldogremista.com.br%2F&tk_flint=pbjs_lite_v6.29.0-pre&x_source.tid=f36643c0-158f-4b26-9b24-cb704259d32b&l_pb_bid_id=1254f21c119c3f3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33693152312769303
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7156cb5517592d1d6e285333a2baba269dee740aa3064132e2ed168dd7f34637

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:20 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://portaldogremista.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=657189&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213f2b0d40e83ecf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fportaldogremista.com.br%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fportaldogremista.com.br%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214ca4ca8d81c67b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22657189%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22657189%22%2C%22sid%22%3A%22320x50%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22clickio.com%22%2C%22sid%22%3A%22145540%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
255ee0a5c08e8f443493e70fc6a9f76c269210734309f95e1a6ac80682d9f278

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQo6u0z0dJ9sSuFFyAYyVCFXmnpL%2F2X0idBH8G49lhfee7ZwWaFQf3ujid5XAxayphCIeQhjguTcknp9oQPrJ116f%2B50bEanyBdzAoGDDJ6sWPwTm0hfQuJ6Oqtr%2B%2FFdPXvEucxG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
72e703a6397da21a-YYZ
expires
0
adjson
ads.betweendigital.com/ 		2 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
arj
alz-d.openx.net/w/1.0/ 		173 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://alz-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fportaldogremista.com.br%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f36643c0-158f-4b26-9b24-cb704259d32b&nocache=1658438779813&schain=1.0%2C1!clickio.com%2C145540%2C1%2C%2C%2C&aus=728x90%2C320x50&divids=%252F45470634%252C22442049136%252Fclickio_area_677200_728x90__0__9kahewm74wxx9d3&aucs=&auid=543961835
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
2af63a7b040fd039588fcf06452e814f7fccf2fa8289460f0ed739f909e83fe3

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://portaldogremista.com.br
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_2022071801.js
securepubads.g.doubleclick.net/gpt/ 		377 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131644
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Jul 2023 16:22:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		230 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=portaldogremista.com.br
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
bcdd34afdb90d75dabcade4f4b6bc0021947c24ae800e01e89fbf0f272fac1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132
x-xss-protection
0
expires
Thu, 21 Jul 2022 21:26:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1E6B 		93 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2397f50767f709c20b7eb1b50c0be561e8b0e9491a68342a9280166e9b8cf4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32163
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&fcp_green=1376.600&fcp_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame F6D8 		95 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7432ac4083ecf2eb9969a631ac880b2362043908bb9bd34d7f180860be03bc6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31423
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=0.003&cls_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=-0.003&cls_green_cnt=-1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=0.018&cls_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=-0.018&cls_green_cnt=-1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=0.019&cls_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=1376.599&lcp_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=-1376.599&lcp_green_cnt=-1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=1552.099&lcp_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=-1552.099&lcp_green_cnt=-1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=2003.000&lcp_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:19 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3647
date
Thu, 21 Jul 2022 20:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Jul 2022 22:25:32 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=476004918&t=pageview&_s=1&dl=https%3A%2F%2Fportaldogremista.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIhAAAAAC~&jid=1924162282&gjid=112899065&cid=165002721.1658438779&tid=UA-39296755-10&_gid=247935224.1658438779&_r=1&_slc=1&z=1545769049
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 917D 		81 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
391bc46f6a390af69ccb3194540ca1f10a074c54c4b5cec0530d8b1d8efb7e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29948
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=476004918&t=pageview&_s=2&dl=https%3A%2F%2Fportaldogremista.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIhAAAAAC~&jid=&gjid=&cid=165002721.1658438779&tid=UA-39296755-10&_gid=247935224.1658438779&z=1251349199
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:12:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11637
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=476004918&t=pageview&_s=2&dl=https%3A%2F%2Fportaldogremista.com.br%2F&ul=en-us&de=UTF-8&dt=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIhAAAAAC~&jid=&gjid=&cid=165002721.1658438779&tid=UA-133663011-1&_gid=247935224.1658438779&gtm=2ou7i0&did=dZGIzZG&gdid=dZGIzZG&z=282401226
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 18:12:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11637
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ab226bf7dc4eccb159825803a6726f3a.js
scripts.cleverwebserver.com/ 		151 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/ab226bf7dc4eccb159825803a6726f3a.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1457f923a5d59eda64acb68e997c0d9e9d344e5066257ec7a7faf678c3950605

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 12:44:32 GMT
server
cloudflare
x-amz-request-id
ZM4M7QX0KK61P3Q6
etag
W/"6562a6cac530703296391a3529264c4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
SYXljYxUcruYR387B56c1PrF5fjawhe1
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
72e703a71db5713c-YUL
x-amz-id-2
lUDA2aqt9WX5cLv3Q0y3Pl2Ddjz4o8SyjFzDSIxRNwXAS88Bp+ZgjFqNOq2y/4kqixgcY1XG/IU=
expires
Thu, 21 Jul 2022 21:56:20 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-105.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:16:02 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
18638
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
Ch6ax9om0rFvGNHyAKIvIjbx2PZ5ZAXyqwE3ok_mMrOhWgEsv61anw==
/
pro.ip-api.com/json/ 		34 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=gynC83fhhUJjhRu&fields=region,countryCode
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
us-ny-1.pro.ip-api.com
Software
/
Resource Hash
b2e24b602b089d42b435bc1c58347acbbf844267de034dd49f3c4aa6bf6f49e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Jul 2022 21:26:20 GMT
Content-Length
34
Content-Type
application/json; charset=utf-8
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D657 		193 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&adk=1812271804&adf=3025194257&lmt=1658438779&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fportaldogremista.com.br%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779992&bpp=1&bdt=1483&idt=1&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9af7e9d4157777b2-22c09d2cfed300f7%3AT%3D1658438779%3ART%3D1658438779%3AS%3DALNI_MbzUg-peVljAaWyNzxeXxB1iKHDJw&gpic=UID%3D0000064ced013d55%3AT%3D1658438779%3ART%3D1658438779%3AS%3DALNI_MbcqfaJScLhICtdEOEW5hV88JHSLQ&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280%2C407x280&nras=1&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=47
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61bdefeb5903b77fd07e718d0201c0044d12fe44405e79181befcdb208bff888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
49842
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
PushnewsSubscriptionSDK.js
cdn.pn.vg/push/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7277fd9e9bb43fe39b1403784cf6a3b8542ef4cb082f3d4e16e758c43ee5a8c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
via
1.1 b7f480ddbe20bc339525f8e43ddce81a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 13 Jan 2022 09:54:23 GMT
server
cloudflare
etag
W/"26f66074349e934b34cdefb20b90262e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YolyXpi%2Bl1M%2BG7cJb6WiETwGDMQ4naHFMyzEdbK8xex3qlCYjZmg011d8zLCNc2qY6BMNgDToyqMomgesyPC6K4S4mp320RzV3wDSr6yw%2BAp5tN38n9jPhliOsHOt6qTBII7Ud%2FHwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
x-amz-cf-pop
YUL62-C1
cf-ray
72e703a75a617133-YUL
x-amz-cf-id
wGymNBaSJcoa4E2cmfLotgJaAu7R_dl8VCFiYJxvVwRvMVZ-AdH6SQ==
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=-2003.000&lcp_green_cnt=-1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:20 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&lcp_green=2184.599&lcp_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:20 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
admin-ajax.php
portaldogremista.com.br/wp-admin/ 		1 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portaldogremista.com.br/wp-admin/admin-ajax.php
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://portaldogremista.com.br/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
x-litespeed-cache-control
no-cache
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
5
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/html; charset=UTF-8
access-control-allow-origin
cross-origin
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
bet365-mobile.jpg
portaldogremista.com.br/wp-content/uploads/2022/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portaldogremista.com.br/wp-content/uploads/2022/04/bet365-mobile.jpg
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.224.128.162 Xaxim, Brazil, ASN266400 (Ferenz Networks, BR),
Reverse DNS
br5.kangaroo.srv.br
Software
LiteSpeed /
Resource Hash
45411272ff89f32a1955433f2e7b94588f9560b89f805473862582e536cf5fae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
vary
Accept
content-length
4774
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Apr 2022 12:07:57 GMT
server
LiteSpeed
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
cross-origin
cache-control
public, max-age=31557600
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Sat, 22 Jul 2023 03:26:20 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/webp
22654469693
fundingchoicesmessages.google.com/i/ 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22654469693?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e66451cddc39e8ebf1d947ff41a4ccbdd6a796969d03b0171edf153b6b657fd3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-o1_YBDN9Yzqn4YUgn3MI9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-o1_YBDN9Yzqn4YUgn3MI9A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-o1_YBDN9Yzqn4YUgn3MI9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-o1_YBDN9Yzqn4YUgn3MI9A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
600eb9802c2ab79f76ca28d78885f65718256572fa0d6f4d21ba0bde607b8502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56703
x-xss-protection
0
server
cafe
etag
6009062268264791101
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 21:26:20 GMT
b
sb.scorecardresearch.com/ 		0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b3&cv=3.8.0.210223&ns__t=1658438780190&ns_c=UTF-8&c7=https%3A%2F%2Fportaldogremista.com.br%2F&c8=Portal%20do%20Gremista%20-%20As%20%C3%BAltimas%20not%C3%ADcias%20do%20Gr%C3%AAmio%20Foot-Ball%20Porto%20Alegrense.&c9=
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-105.jfk51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
via
1.1 77699b215ba027ad60872ff7339255fc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
x-amz-cf-id
r22uFqs36kO53_tPYile4Pnuc0ys6OdfBjaBvGmD3uyvx9mT35_x-g==
x-cache
Miss from cloudfront
web
api.pn.vg/api/v1/sync/a5fed89b-5105-42ae-a786-711eb878c453/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.pn.vg/api/v1/sync/a5fed89b-5105-42ae-a786-711eb878c453/web
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663b896d000dc492b7148b7d4db87f1ab6b3a132839ce243a4668ac542d85f3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c61-N1tQGjHS0X0cbdRAUu2KrXvT92A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjeiGfGKykSxK4J8sFt6YxPUgm3DSklPB%2B2tdXMa0w%2FrV4GQd2n3B7%2B5iaBv8%2FEqrgkFLO0L5GJQ7FS9xmhGG6EAUV4sctq5aKC9kecJuKnrE%2BFC7160jtEJBvOmmU4QoXqEeTMe%2FKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-exit
success
cf-ray
72e703a88e84ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame 1E6B 		8 KB
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:19:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1E6B 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:49:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 1E6B 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:19:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1E6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E6B 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1E6B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7334
x-xss-protection
0
server
cafe
etag
1169380200214664902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:21:40 GMT
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame 1E6B 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 23:08:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 16:17:16 GMT
/
ui.cleverwebserver.com/ 		144 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb0e75667edd08f35a996373fea36bce51bc659ad81f53e61af29d863535f17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72e703a87f8e713c-YUL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
adview
googleads.g.doubleclick.net/pagead/ Frame 1E6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkrjPe8TZYu6HNejRo9kPrfWRqAustf-ma7bh8IOFDPnBjO-SDhABIOWHhj9g_eiigfADoAGumIqiAsgBCakCPtIomngVsT6oAwHIA8sEqgTSAU_Qt5PF0BUfgiuy22-sAloR7TDuckn9V8hwoeXA8H1GATazspG9Ls-ZJ7FZnYHuopP6JJZAF9hrvcjP_089xPlmVlCOqK0e_Fzm6gHO0-WBT77h41UaBr96Dci0ESaD6PkstH6o2ZeArUrIqoJO6wwxsPluLFIo-bFa9O4WYwiJ6gcZ9xxUcq6aZyZAgUHscAAJ3ibZ9YXpLF0OVo8H2TKQt0j0ZW3NbAPoWfZ903Uj_lG5tgKXNhWXuK6aq7JcJAphkH-psfHDrHSyxUzBJZxmj8AEjv7s54UDkgUECAQYAZIFBAgFGASgBi6AB7rn9d0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-ucB0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBOIJ9gTDIgUA9AVAYAXAbIXHAoaCAASFHB1Yi05NzY5MDIxODM4MjEzNDk1GAA&sigh=hRiZ9O32TMI&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 21 Jul 2022 21:26:20 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5621755437179856090/ Frame 1E6B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5621755437179856090/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024b43e32a7e8c0a4f33050959d01d4d7c423e7fc6b3f9a569fe01a1de8d80c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 04:54:10 GMT
x-content-type-options
nosniff
age
405130
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18367
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 14:21:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Jul 2023 04:54:10 GMT
truncated
/ Frame 1E6B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1E6B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 13A7 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:14:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 13A7 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:49:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 13A7 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:19:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 13A7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 13A7 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 13A7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7334
x-xss-protection
0
server
cafe
etag
1169380200214664902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:36 GMT
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame 13A7 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 23:08:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 16:17:16 GMT
css
fonts.googleapis.com/ Frame 8160 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:11:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 8160 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:49:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 8160 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:19:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 8160 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8160 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 8160 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7334
x-xss-protection
0
server
cafe
etag
1169380200214664902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:36 GMT
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame 8160 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 23:08:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 16:17:16 GMT
2065138963623050543
tpc.googlesyndication.com/simgad/ Frame F6D8 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2065138963623050543?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnusIGw5X-QP0V0-dHRCV7OydpAeA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdc32f75686885456601c9a4e32fccb84ec7599ba1912287484256de4db75db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 15:04:01 GMT
x-content-type-options
nosniff
age
454939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88551
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 18:58:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 15:04:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame F6D8 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:19:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame F6D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:19 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F6D8 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 06:13:49 GMT
x-content-type-options
nosniff
server
cafe
age
54751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Fri, 22 Jul 2022 06:13:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F6D8 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame F6D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7334
x-xss-protection
0
server
cafe
etag
1169380200214664902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:36 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame F6D8 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe0dd527489b9ada352a33c4c98447e0070705bc816dfb87f3b008fb8ff5514a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12705
x-xss-protection
0
server
cafe
etag
7888163778620344625
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:19:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8160 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CxcqYe8TZYt6MMOGfo9kP4PukiAastf-ma_7i8IOFDPnBjO-SDhABIOWHhj9g_eiigfADoAGumIqiAsgBCakCL5D_nuoVsT6oAwHIA8sEqgTYAU_QXqt9lW9-rP-r4AaOqkL4-x6D8ncksmrJv6ZFTEFatMaQbSYN_CWLf9ycLuxGbyhckFqvgb0WJbG-rLKjV39Yrb6yBNcugMzfNUQOkfrTrkKgNAZH9oWNPfGbb2BXcmbbaO8bPWQUc0G-y66UgGdj6_5bwfd-GB1Mb1TDGj704_RxNPMrmlNArANALWVQOGvbMPCo9IXIgSKnphnqdQsZnoKSd0XLC7HBWF4TlZ3PLfD9DLrJwS-sArVcKSvAw4BRE3_zdL-t91ilbZoUK1D0dM-z_d_I4cAEjv7s54UDkgUECAQYAZIFBAgFGASgBi6AB7rn9d0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9d4C0ggPCIBhEAEYHzICigI6AoBAgAoByAsBogwIKgYKBM-nsQK4E4gn2BMMiBQD0BUBgBcBshccChoIABIUcHViLTk3NjkwMjE4MzgyMTM0OTUYAA&sigh=Gb-I1dXVWKo&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/7695436785358713422/ Frame 13A7 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7695436785358713422/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5754d6f6ea79a50d2cb836e91a2130caf24b0ca16cb3fb78ecc16d05ab294622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44077
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 19:52:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Jul 2023 21:26:20 GMT
truncated
/ Frame 13A7 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 13A7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
623f42b0ad3d6b063f4b6afd072ce85d8b0a3bfc8dc26ca572f852da826ff76d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
downsize_200k_v1
tpc.googlesyndication.com/simgad/10972323774601667832/ Frame 8160 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10972323774601667832/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1ad5e6dcc7babba8a878eed69b754f69d404973b000dab71d0548438b44dd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 06:58:21 GMT
x-content-type-options
nosniff
age
138479
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44354
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 14:21:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 06:58:21 GMT
truncated
/ Frame 8160 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8160 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 13A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSNFXe8TZYperL5SaoPMPhsK-0A_n6MmDa7eC8OfzD5jR4uqVMBABIOWHhj9g_eiigfADoAGAirvIA8gBCagDAcgDywSqBNQBT9B_iOqWHV9dJKUDuP55kkkxIYdB_2c5U4EoPb9w4VosKBQ-9tAYzAhjL8W0FoQFoao-dAoRfN67Pi3QUB8NvKM0qw7DcOcKpT5u57wfLBgd0nJYujkAfzlVNAaAkI1L6dywEBwAFuLxkq8MjWeiBxV_nWnqUtpyI3te-4tfY42K7qVa5wVb7cL088ArEwA79Pa1rYxmKQOEGyQE0WRJnzDiIqPZ1KzYMkHnJR1fO50PFzA0yvByBSFT4JyhlqspQCWwc90YNnyidGZ_XYtDHO7x7QXABI-2u4r6A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfo9cQ3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6YAI0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBOIJ9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzY5MDIxODM4MjEzNDk1GAA&sigh=tmJl77HaKqY&uach_m=[UACH]&template_id=5000&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F6D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwNdke8TZYo2nN7KaqMwPq-CZQPrD6qhr67qi5qMQgp3coNQBEAEg5YeGP2D96KKB8AOgAcTl5swCyAECqQKEKZqlrwyqPqgDAcgDyQSqBNUBT9Cx9AznLF07cyxopBcd0fM1HClXsq6f3mOf8WJhX3YsywrVF5MtckCSMkI8Ys2qAc1MENETyFnbxeirW6z8bL4ri-HmN2hLwpIU67SB1oWG40oDOF_ETjb1yu2n_gF3Oaz2LC0FtPSb-BfNjuWZS6Mi8TwtEXajj4plSQvIURT8Kg2bwcLHQNVj4RZ4f1KmoCCTvKp6AB2dXKrYGgcI4oI7IHMnU_Lv7TPYbmgZTNcyvfQqsVM0TO-onW1gZ3bJp0mKrCHxnkzdv9wuwnHCw3qKsVLewATDwuaUigOSBQQIBBgBkgUECAUYBKAGAoAHpJqZswGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC88gHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTc2OTAyMTgzODIxMzQ5NRgA&sigh=s3rOqQ_e8is&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 1E6B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc1b102b43c611ff116fd286a5657fc24e9af5dfe41ed02019fb0939b171786

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxXqDqwXYmWpBeaYSxMoUqH28XZ_g751LVpyYg6-bqdfZj7HO0HXZpP7sg7cUYIDdTlR1WOsRB3cx_J9_qa0toQ=
fundingchoicesmessages.google.com/f/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXqDqwXYmWpBeaYSxMoUqH28XZ_g751LVpyYg6-bqdfZj7HO0HXZpP7sg7cUYIDdTlR1WOsRB3cx_J9_qa0toQ=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU4NDM4NzgwLDQ0NDAwMDAwMF0sIjlERDdGNDg0LTdFQUYtNDY1Ny05RkVBLTE4RUYxQTBEREQ5QyIsIjc4NzhBODE1LTVENTktNDQ0Ny1BQTZELUYyMTU1RjM0MTNFNSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3BvcnRhbGRvZ3JlbWlzdGEuY29tLmJyLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54e49cda641d2e9804a7b1fb52e8a5534815312d7cefe1b726051bcb82c70f59
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PZ78CiptGA2hYd4I8wrQTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PZ78CiptGA2hYd4I8wrQTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-PZ78CiptGA2hYd4I8wrQTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PZ78CiptGA2hYd4I8wrQTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 1E6B 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 19:32:38 GMT
x-content-type-options
nosniff
age
93222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 19:32:38 GMT
css
fonts.googleapis.com/ Frame 917D 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:15:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 917D 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:49:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 917D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:19:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 917D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 917D 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 917D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7334
x-xss-protection
0
server
cafe
etag
1169380200214664902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:36 GMT
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame 917D 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 23:08:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 16:17:16 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=179651176077250&correlator=4487303860628881&eid=31068527%2C31068502&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fif&gdpr=0&iu_parts=45470634%3A22442049136%2Cclickio_area_677200_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=3834479838&sfv=1-0-38&ecs=20220721&fsapi=false&prev_scp=autorefresh%3D30_sec%26unit_type%3Dfixed%26ar_imp%3D0%26clsid%3D221287%26claid%3D677200&cust_params=clpv%3D438780132_uvfl2a7ixc%26adm_lazy_load%3D1%26adm_lazy_load_var%3D400x400d%26adm_lazy_load_dev%3D400x400d&sc=1&cookie=ID%3D9af7e9d4157777b2-22c09d2cfed300f7%3AT%3D1658438779%3ART%3D1658438779%3AS%3DALNI_MbzUg-peVljAaWyNzxeXxB1iKHDJw&gpic=UID%3D0000064ced013d55%3AT%3D1658438779%3ART%3D1658438779%3AS%3DALNI_MbcqfaJScLhICtdEOEW5hV88JHSLQ&abxe=1&dt=1658438780531&lmt=1658438780&dlt=1658438778509&idt=1618&adxs=453&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fportaldogremista.com.br%2F&frm=20&vis=1&psz=761x-1&msz=761x-1&fws=512&ohw=0&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
0986413e0612c738c209211538786a9b1fd0ea03acf3c1f33cbaf3ff94beb62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34895
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://portaldogremista.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7466 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Fri, 21 Jul 2023 21:26:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 13A7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c14f8825dd2751a56927089f0998e497beb8f7cbaf50fca1b3d2b9165db5a0f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 917D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CD3tje8TZYpXmOauWqMwP9Jit0Amstf-ma8bf8IOFDOLS3IzXCxABIOWHhj9g_eiigfADoAGumIqiAsgBCakCPtIomngVsT6oAwHIA8sEqgTYAU_Qoq6fg0kKf5p4Y54yr_y9FF5dOb-IMBo58rQ5kBEfLid9YYMKney7jj4EFjA3yxI7l8dZ5jSbBtWiDiOHvP2yF8pDJrQejbS1OIkuea0TkTuayFleKCnzjOL3L0CftalgJSCWfLI6h15UYAgyMwt5nybGfqbEnSEnNclvQvdD6js6-fm05osB-FzBfbOJ_l0FPru4tcqNEcY-dy2JSqAdvJLggT7NzVZJowEWfJXDHy30xq1fTAZJACgwosUcvax0ggG7XiWpjp7ElR7CuOLSvAP27BIB2cAEjv7s54UDkgUECAQYAZIFBAgFGASgBi6AB7rn9d0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQh7EK0ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi05NzY5MDIxODM4MjEzNDk1GAA&sigh=LAhwnQG_uXI&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7CA2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 20:39:53 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 13A7 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 20:34:36 GMT
x-content-type-options
nosniff
age
89504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 20:34:36 GMT
truncated
/ Frame 8160 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2585b73f765381af568ee728fb2e133f4b1dc9ee9535357dbc8abe19fc3fb9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F6D8 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b87a92d7d1f3a6d1f1b39e6bbabc769d98d3490a70c70b685b20710be18ccd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/5182090975667290538/ Frame 917D 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5182090975667290538/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56549a000ac4ad5233cfae784cb4aca9a5024e6b3e33cefb488a59b6234113a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 19:32:33 GMT
x-content-type-options
nosniff
age
438827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22078
x-xss-protection
0
last-modified
Sat, 01 Aug 2020 14:21:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Jul 2023 19:32:33 GMT
truncated
/ Frame 917D 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame EE0C 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=2503611618&adf=718282406&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779261&bpp=1&bdt=752&idt=569&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=596&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=VYsgEfNTKo&p=https%3A//portaldogremista.com.br&dtd=572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8160 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 20:34:36 GMT
x-content-type-options
nosniff
age
89504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 20:34:36 GMT
truncated
/ Frame 917D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6290d95dba8dd57f9b3e3c5e565a7c67e3619b870ed66e45d480c4bf8986bfe0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxXtkn5PE5Xyy-6Btrvp4hLXRv3lhE_tnqQ-YKGM3Y8J2An8xKzgqe45LhyBPmDhbl-Y9JMOv9Yd4b1iBSzMb25AmZ8GxUZ6Ip3iIyc74NA-5VHtzFzZy1xNojv3z24ywzABgQe49AxwXljoaOtbvfnvVH4wxuDifIn7yZdZ8bzojpUyYZlm1LNBNVc6
fundingchoicesmessages.google.com/f/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXtkn5PE5Xyy-6Btrvp4hLXRv3lhE_tnqQ-YKGM3Y8J2An8xKzgqe45LhyBPmDhbl-Y9JMOv9Yd4b1iBSzMb25AmZ8GxUZ6Ip3iIyc74NA-5VHtzFzZy1xNojv3z24ywzABgQe49AxwXljoaOtbvfnvVH4wxuDifIn7yZdZ8bzojpUyYZlm1LNBNVc6?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU4NDM4NzgwLDc0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcG9ydGFsZG9ncmVtaXN0YS5jb20uYnIvIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.en_US.d1Vzo_a3y9g.es5.O/d=1/rs=AJlcJMzbzWDCmOWtnRMiFvvIGok13AOhPg/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07d46515cabde2591c38a6d3369950e4bac80abd934f3ac81210b64f1c7cb4db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zff83dKcr1qcCXAqUn-uTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Zff83dKcr1qcCXAqUn-uTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-Zff83dKcr1qcCXAqUn-uTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Zff83dKcr1qcCXAqUn-uTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Thu, 21 Jul 2022 21:26:20 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame 4B71 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=6284518427&adk=550189140&adf=607956246&pi=t.ma~as.6284518427&w=1200&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779220&bpp=4&bdt=711&idt=446&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=5379837151257&frm=20&pv=2&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lx3QL0CHmZ&p=https%3A//portaldogremista.com.br&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Jul 2022 21:26:20 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
067dad1cb6e3c20294e992cbcf485c1ad738e59895faad6ad8be7ef5c1385af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54136
x-xss-protection
0
server
cafe
etag
6623570484042941656
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 21:26:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 917D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 19:31:57 GMT
x-content-type-options
nosniff
age
93263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 19:31:57 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 917D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 19:33:19 GMT
x-content-type-options
nosniff
age
93181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 19:33:19 GMT
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame 8922 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=3018959284&adf=2301010879&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779255&bpp=2&bdt=746&idt=494&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=dViU3tBait&p=https%3A//portaldogremista.com.br&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7CA2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Thu, 21 Jul 2022 21:26:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 21:26:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame 14C4 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=1890278521&adf=3735238055&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779280&bpp=2&bdt=771&idt=584&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1031&ady=2202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=gW65RbWche&p=https%3A//portaldogremista.com.br&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame FD56 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9769021838213495&output=html&h=280&slotname=4080973986&adk=374916891&adf=1276058672&pi=t.ma~as.4080973986&w=407&fwrn=4&fwrnh=100&lmt=1658438779&rafmt=1&psa=0&format=407x280&url=https%3A%2F%2Fportaldogremista.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658438779285&bpp=1&bdt=777&idt=614&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C407x280%2C407x280%2C407x280&correlator=5379837151257&frm=20&pv=1&ga_vid=165002721.1658438779&ga_sid=1658438780&ga_hid=476004918&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761793&oid=2&pvsid=179651176077250&tmod=1284921016&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=pGA9Hdazvy&p=https%3A//portaldogremista.com.br&dtd=621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:59:27 GMT
server
nginx
etag
W/"62c89aaf-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Jul 2022 21:26:21 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.222597337616466
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7wOeKqss-qIinP7jyxQwpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-7wOeKqss-qIinP7jyxQwpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-7wOeKqss-qIinP7jyxQwpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-7wOeKqss-qIinP7jyxQwpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options
SAMEORIGIN
date
Thu, 21 Jul 2022 21:26:21 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=4.808297629331916
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-drSYEwJWwoieLqioPomJEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-drSYEwJWwoieLqioPomJEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-drSYEwJWwoieLqioPomJEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-drSYEwJWwoieLqioPomJEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 21 Jul 2022 21:26:21 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=portaldogremista.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/ Frame EB7A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
18313
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 16:21:08 GMT
etag
8616628553774171045
expires
Thu, 04 Aug 2022 16:21:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FBD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:20 GMT
expires
Fri, 21 Jul 2023 21:26:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=-0.019&cls_green_cnt=-1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:21 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&cls_green=0.025&cls_green_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:21 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yAJCm2g2gKRfe6J7ZBh2iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yAJCm2g2gKRfe6J7ZBh2iQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://portaldogremista.com.br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-yAJCm2g2gKRfe6J7ZBh2iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-yAJCm2g2gKRfe6J7ZBh2iQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame EB7A 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:19:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:21 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EB7A 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 08:06:39 GMT
x-content-type-options
nosniff
age
47982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Jul 2023 08:06:39 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EB7A 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 10:24:38 GMT
x-content-type-options
nosniff
age
558103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Jul 2023 10:24:38 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame EB7A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3022
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:35:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0B75 		645 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhir18DHATAB&v=APEucNUvqdIy3-JySiY_0n6OvWy0PiyTWDqA94bPh_C9VF4OfEUQnODJ1rFdRl0n8L_g3QG-UJRCKRRZ_SSWOFE1_dOrNOdoQ_4jCVWiA2nV6zAfedBxAxs
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 7FBD 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:24:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
server
cafe
etag
1576890815193688712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 15:24:24 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 7FBD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 15:24:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 15:24:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7FBD 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgNkWW92vlHHzr871SF-IuhL_0LSrrgCbRH7a_c2gMJkOYbubOh2wAedCWU0uEUxkdjuiiByyq41veEY1vFCxaCLoySfVcF2KgvH1A_PthLBPRms59Jjtq-MItjL-QU9ihh3ZgyexH9k6cx08wrBYk2VoD6D6nldgzX3oM62qbzY6B88FsEk3RT4gxFtOf84xC-L6Omju_1HvmzqTMVln1VZ4PE8a_a8sMlBZz22j9was8QMgaqcALcVyATgFdiXYIVHxRG30jdPtufn5U1Ig_GK6dR9flK8tdT62sZ8xyPsZ4dZLaoOIpUqclSWgwB4njPlyx2ARjShEC23CHd3A_nry7brYexFM7q3DOJMzgHIuYXRryUaEvrM7b-xDvdkjeJRwy6krvFUZ3OqavnHI7wp08kdMmEo7ocIwmBTeVjn0oiytnNOuxmbIUn9imn9pPjs7xfTibQIQnjl6Kqq1KfxOMpP1B_WH0pcfreHXaMYZX-SZx-z78WLuQXT3sQT8vUIA8S7SALHN_7q5CNnGw7Fcw9Aju_j5122webUDTUeCPB3ow60hWrjYEwvVUjhHPMmiasX6KAjjruDNfFzp1BIopBBUHhMNlxQ0AJzphzuTRigJ8QInU8V1AJJjiO6yJ2mKRL-ys8OAkQB-D2YdwX985DficIP1RUGwEw2VYQkRH2vI-RhzGag5sTEr-hFVnT1SpXpWVYdtH1OzZ74juXoCnnQr-IR-Xxv2kNTIqICVQKkCSRiHCfWWtuKjSXalCuienEW9PtRUEojU2Ln44Kh60jaI97eLrOKgVv_1GrvcW6h5ZgkRT3JFR4-eywU7JdL6EWsnYIBrp7tyF9wpoDCvAt9EtynhMfASHq-0l163V9KKMxWnsWYAhH4o3ZNgPccYhRenIDijompnNGd3hTknZPSk0FhELR9LnnTMkfvYu9-bpvQAnSwgOLMfsoJM4lvjWbyARXD_AiAg05pdY6gsoXelfjpxXcxtF0qs3lHVnXl8dAQDgFubGntX-evF8XUUUWVDeYtlblibJzmHvrDd47e4n7YMxt3JSKHutwKPNzVZEfnduYkHGoqBntn339GCx9kw0mMd4ozaGXITM7hBIIpXWgT5IiCHdSqRjrmPy7uZZ2Rz1Ar8m9QSzSUYSzweam51ZDGyDYmtnpzXjUwG8qyZ6i_eFJK6uIGDMx6XRH0cGZFY7RnV_tf4x9YDxJgY07553KS-ZPu8Kat0VFP8MaI4Z-pf2xG_QmQeMzQ4EOyCR0ZIbuXOYq7PAQlg&sai=AMfl-YThCcN0MydiGH-QcXPvWn-Pnr-KvLx1vyi2RTxixVn0k0sv7Mc-ty3_wVn2oGdQ6ZK69tcS8Ds1avhZ3DZEsFIRzZ-B_-tZRWC5suGVMAUPAZbsBwozq3Ztcf57hLkTbuRgkwyU2MPhvW2nCqQsiuGav--Av1F8ZWTanbY1MqJIlSN0FFnapNrp59dkWfB_8Uf2GLaHdIIpq-jOu2iL1_CTGPZc5ujXAEOaXIqdnw00szlSLmB6tJDCBlt8dIAYbWOFxVa1EhO5WdX4cIvv9fVNmGGt3lr_yrXTrTbah4do&sig=Cg0ArKJSzGcDpQyE-B3JEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220721.74586&adurl=
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 21 Jul 2022 21:26:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7FBD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Jul 2023 07:43:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FBD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cn19ef3n_cMxReO-LUuPC3FYS42l6RwgOj7grB-NNlmeC-PFYp00A5mOsaUMEhvr6BbjsqH-QVyewRhlivpv1JPOoJB2_VFptA7p6zNF1m91Cc1AY
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 7FBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:12:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FBD 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 7FBD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:10:51 GMT
l
www.google.com/ads/measurement/ Frame 7FBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbVBlkyESJIpfAQ0rNTAkKlDoSq2-aa7QSUyCXsYgsZ3EWEkbksf78ZwhokyBXDPbjSHrVphqL5kZUcGvpifnFXLvCIw
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
9897112390324471164
s0.2mdn.net/simgad/ Frame 7FBD 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9897112390324471164
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d860ce7449b2905cac524489cb0fd772e266df0e7b46f2943bf3447bed6363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:15:13 GMT
x-content-type-options
nosniff
age
105068
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59870
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 20:12:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 16:15:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 229F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
50258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 07:28:43 GMT
etag
48472445140208031
expires
Fri, 22 Jul 2022 07:28:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EABF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
49399
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 07:43:02 GMT
expires
Fri, 21 Jul 2023 07:43:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 0B75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1&gdpr=0&C=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhir18DHATAB&v=APEucNUvqdIy3-JySiY_0n6OvWy0PiyTWDqA94bPh_C9VF4OfEUQnODJ1rFdRl0n8L_g3QG-UJRCKRRZ_SSWOFE1_dOrNOdoQ_4jCVWiA2nV6zAfedBxAxs
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72e703b0482854b5-YYZ
pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWOpiiflo0b83HEEosQxBsrffrcd%2FF1lV1pToVWMGQoGbxwp3KcMNC8aB0dTDYDRT4OT0%2BB7r8JrpaVimwfhg5bBsTOxWEBCv3kL%2FWQSwQ2m80VfPoAIY1vLqL0CU98PPCs3ZTlmhZTFXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIrHVDjfl%2FgAL3ruYT4%2B1OFlZzi3pbHudmqsW4fx25SBDB5HsXZl9rSTOdHixB5gMGfEF4eTBoznlcekQmvdL8e5EzbVegDr%2FAbPUd9rdvxKI%2BVqEVWb%2BOIhuVQXmGW8b94Gf82HeDLpnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1&gdpr=0&C=1
cache-control
no-cache
cf-ray
72e703afef59544f-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0B75
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtnEfbj0QU0iW7mhHOz6XAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhir18DHATAB&v=APEucNUvqdIy3-JySiY_0n6OvWy0PiyTWDqA94bPh_C9VF4OfEUQnODJ1rFdRl0n8L_g3QG-UJRCKRRZ_SSWOFE1_dOrNOdoQ_4jCVWiA2nV6zAfedBxAxs
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72e703b1190354b5-YYZ
pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQjtvA4P3s88Yx49nk50r%2BdYgCn7KFf3rkyrXFF2v8yKiiNkGwTDHaCtqnKpxz3VSZzcxstEflWheRvPww4HdprCKrd4tu2wHV0ZKLUGCGE%2Fe77j%2BGbyITit13p2ropmphP4egFPY82Q7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELNQXYR4-WiY0LqMmMUilfE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0B75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoxOKNF-mztAlmOSN8dlNM&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoxOKNF-mztAlmOSN8dlNM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhir18DHATAB&v=APEucNUvqdIy3-JySiY_0n6OvWy0PiyTWDqA94bPh_C9VF4OfEUQnODJ1rFdRl0n8L_g3QG-UJRCKRRZ_SSWOFE1_dOrNOdoQ_4jCVWiA2nV6zAfedBxAxs
Protocol
HTTP/1.1
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:21 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
58748c2b-e83c-418a-b4e6-7a30d98513d1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoxOKNF-mztAlmOSN8dlNM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B75
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxODU5MTY5NzI3MDkxOTQ3Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxODU5MTY5NzI3MDkxOTQ3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP2FygEQ1NvFAhir18DHATAB&v=APEucNUvqdIy3-JySiY_0n6OvWy0PiyTWDqA94bPh_C9VF4OfEUQnODJ1rFdRl0n8L_g3QG-UJRCKRRZ_SSWOFE1_dOrNOdoQ_4jCVWiA2nV6zAfedBxAxs
Protocol
H2
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:21 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5b5092c6-0d44-4005-adb7-4efcf8e52563
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxODU5MTY5NzI3MDkxOTQ3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame B3A2 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:15:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame B3A2 		2 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 20:49:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame B3A2 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:19:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame B3A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B3A2 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame B3A2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7334
x-xss-protection
0
server
cafe
etag
1169380200214664902
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 21:25:36 GMT
l
www.google.com/ads/measurement/ Frame B3A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE1a-3d-ba2fg2AH0uvJeo8-sWNh5zMp0ZV_WNKwaLcb_8UUAouYfTfYnomVqz0PkpXS5XshCOPO6rGtmjFgNTN9m0xQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
b8b39a8a01d591fbf8e8e88b2bbf8fd4.js
www.gstatic.com/mysidia/ Frame B3A2 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12830
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 23:08:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 16:17:16 GMT
truncated
/ Frame 7FBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe6c39f4884a7f284d01e20777efa868733c5df14f82cfdf9c6e43bf391dc640

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 229F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEvjBfT5YFoa6j-6cOSnTxs&google_push=AehlK4AgxP3nhEEkuOGkTVjZctIJjk9_K2Kg-2K6epB-xMm1fBbEjH1rDN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEvjBfT5YFoa6j-6cOSnTxs&google_push=AehlK4AgxP3nhEEkuOGkTVjZctIJjk9_K2Kg-2K6epB-xMm1fBbEjH1rDNnbZCcnbLnYRvIAd1doTZ8NSZHCkcRR1u8CHJ-1k6ng
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1658438781.446940,VS0,VE15
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEvjBfT5YFoa6j-6cOSnTxs&google_push=AehlK4AgxP3nhEEkuOGkTVjZctIJjk9_K2Kg-2K6epB-xMm1fBbEjH1rDNnbZCcnbLnYRvIAd1doTZ8NSZHCkcRR1u8CHJ-1k6ng
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 229F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFXo44xv69VY7m1nxJFmfGQ&google_cver=1&google_push=AehlK4DFHR1y93NKm1PhqlzKxwFpYGX2OQopolH31CgPjJYhIN3FjLOdb26ijARcf39VDVxe8V9p3e5qCyD_zWtpsZP6bYBJhwoZ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=27A3956640754A76B49E20A290474D7F&google_push=AehlK4DFHR1y93NKm1PhqlzKxwFpYGX2OQopolH31CgPjJYhIN3FjLOdb26ijARcf39VDVxe8V9p3e5qCyD_zWt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=27A3956640754A76B49E20A290474D7F&google_push=AehlK4DFHR1y93NKm1PhqlzKxwFpYGX2OQopolH31CgPjJYhIN3FjLOdb26ijARcf39VDVxe8V9p3e5qCyD_zWtpsZP6bYBJhwoZ
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=27A3956640754A76B49E20A290474D7F&google_push=AehlK4DFHR1y93NKm1PhqlzKxwFpYGX2OQopolH31CgPjJYhIN3FjLOdb26ijARcf39VDVxe8V9p3e5qCyD_zWtpsZP6bYBJhwoZ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 20 Jul 2022 21:26:21 GMT
pixel
cm.g.doubleclick.net/ Frame 229F
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHLc3IRCOmxsp3iBID8lx5w&google_cver=1&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEHLc3IRCOmxsp3iBID8lx5w&google_cver=1&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9THbZmWmYOQ1gMg3im9&google_hm=MDMwMzAwMDFfNjJkOWM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9THbZmWmYOQ1gMg3im9&google_hm=MDMwMzAwMDFfNjJkOWM0N2Q5ZWZhYw%3D%3D
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Jul 2022 21:26:21 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4AhkFtnJ1pfog78HQsxGJnPXumNkVaYV_xMl16vy4oOnZWX3ZmgtJ_sybW_aRHAnzYs39tgxuvXa9THbZmWmYOQ1gMg3im9&google_hm=MDMwMzAwMDFfNjJkOWM0N2Q5ZWZhYw%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
dot.gif
s0.2mdn.net/ Frame 229F 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGSFYPYH8pZ434S-nbc9g6c&google_cver=1&google_push=AehlK4DwQUttl9-tIeetiU8Y30qUFe0zoK81hE9E8OyrnW3slEAjpAbUsZ7PsuBTQ0APVqMOtDzrMUWa12N3qwYycXa2TbIJpbw
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Jul 2022 21:26:21 GMT
pixel
cm.g.doubleclick.net/ Frame 229F
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFiCl2KbQwqBoz1GR-r6TmU&google_cver=1&google_push=AehlK4Cv9qlyQrdte_pNnI4FnbiXMKDegi3DemGiHn-y9wiDcOL5gFUGKQWc0jxCqFqI4neJYznwyDPFfNWGs8GUVO...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI3MTc0Mjk1NjY5NTE1NjM1MjI&google_push=AehlK4Cv9qlyQrdte_pNnI4FnbiXMKDegi3DemGiHn-y9wiDcOL5gFUGKQWc0jxCqFqI4neJYznwyDPFfNWGs8GUVO2B...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI3MTc0Mjk1NjY5NTE1NjM1MjI&google_push=AehlK4Cv9qlyQrdte_pNnI4FnbiXMKDegi3DemGiHn-y9wiDcOL5gFUGKQWc0jxCqFqI4neJYznwyDPFfNWGs8GUVO2BEHKZFx5h
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTI3MTc0Mjk1NjY5NTE1NjM1MjI&google_push=AehlK4Cv9qlyQrdte_pNnI4FnbiXMKDegi3DemGiHn-y9wiDcOL5gFUGKQWc0jxCqFqI4neJYznwyDPFfNWGs8GUVO2BEHKZFx5h
Date
Thu, 21 Jul 2022 21:26:21 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 229F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE7IYRMc2wKab22lmNvL_B4&google_cver=1&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YHs
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YH...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjM1MzQ2NjE1ODk5OTc5Njg5NDUy&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjM1MzQ2NjE1ODk5OTc5Njg5NDUy&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YHs
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NjM1MzQ2NjE1ODk5OTc5Njg5NDUy&google_push=AehlK4BaVKimuueesr6QqPykmtGC_QpgIUedZ54U806TE2M8yG92p75u6PXWUUoLUfK1Jf9_B7c6y4s7O9WMFLC2if7xiFtc9YHs
date
Thu, 21 Jul 2022 21:26:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 229F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKCm-CrOWjuWyo2F-AgS0FE&google_cver=1&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4S...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKCm-CrOWjuWyo2F-AgS0FE&google_cver=1&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4S...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wYWxUdU1sRTJ1RWpDNEd1dUxTV0hFX1gxUi5xVmd1VH5B&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8oz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wYWxUdU1sRTJ1RWpDNEd1dUxTV0hFX1gxUi5xVmd1VH5B&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4SQuibJLI_V4P4TRS-zSBEc0VvWNPA
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1wYWxUdU1sRTJ1RWpDNEd1dUxTV0hFX1gxUi5xVmd1VH5B&google_push=AehlK4BeAz5zKg72rAMBklhJBBNNn0zmtL2vyF0BYvov6E00HBKhUM8ozK08JQdcN5g0AkLg4SQuibJLI_V4P4TRS-zSBEc0VvWNPA
date
Thu, 21 Jul 2022 21:26:21 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 229F 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LE-NZlHb0VVpMA2MCzheskLEsVaYogVkoL4S-9-igsF6NZtHvwyrm0FJ-KqiA9rCiFIbaBxA
Requested by
Host: 0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
URL: https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 7FBD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgNkWW92vlHHzr871SF-IuhL_0LSrrgCbRH7a_c2gMJkOYbubOh2wAedCWU0uEUxkdjuiiByyq41veEY1vFCxaCLoySfVcF2KgvH1A_PthLBPRms59Jjtq-MItjL-QU9ihh3ZgyexH9k6cx08wrBYk2VoD6D6nldgzX3oM62qbzY6B88FsEk3RT4gxFtOf84xC-L6Omju_1HvmzqTMVln1VZ4PE8a_a8sMlBZz22j9was8QMgaqcALcVyATgFdiXYIVHxRG30jdPtufn5U1Ig_GK6dR9flK8tdT62sZ8xyPsZ4dZLaoOIpUqclSWgwB4njPlyx2ARjShEC23CHd3A_nry7brYexFM7q3DOJMzgHIuYXRryUaEvrM7b-xDvdkjeJRwy6krvFUZ3OqavnHI7wp08kdMmEo7ocIwmBTeVjn0oiytnNOuxmbIUn9imn9pPjs7xfTibQIQnjl6Kqq1KfxOMpP1B_WH0pcfreHXaMYZX-SZx-z78WLuQXT3sQT8vUIA8S7SALHN_7q5CNnGw7Fcw9Aju_j5122webUDTUeCPB3ow60hWrjYEwvVUjhHPMmiasX6KAjjruDNfFzp1BIopBBUHhMNlxQ0AJzphzuTRigJ8QInU8V1AJJjiO6yJ2mKRL-ys8OAkQB-D2YdwX985DficIP1RUGwEw2VYQkRH2vI-RhzGag5sTEr-hFVnT1SpXpWVYdtH1OzZ74juXoCnnQr-IR-Xxv2kNTIqICVQKkCSRiHCfWWtuKjSXalCuienEW9PtRUEojU2Ln44Kh60jaI97eLrOKgVv_1GrvcW6h5ZgkRT3JFR4-eywU7JdL6EWsnYIBrp7tyF9wpoDCvAt9EtynhMfASHq-0l163V9KKMxWnsWYAhH4o3ZNgPccYhRenIDijompnNGd3hTknZPSk0FhELR9LnnTMkfvYu9-bpvQAnSwgOLMfsoJM4lvjWbyARXD_AiAg05pdY6gsoXelfjpxXcxtF0qs3lHVnXl8dAQDgFubGntX-evF8XUUUWVDeYtlblibJzmHvrDd47e4n7YMxt3JSKHutwKPNzVZEfnduYkHGoqBntn339GCx9kw0mMd4ozaGXITM7hBIIpXWgT5IiCHdSqRjrmPy7uZZ2Rz1Ar8m9QSzSUYSzweam51ZDGyDYmtnpzXjUwG8qyZ6i_eFJK6uIGDMx6XRH0cGZFY7RnV_tf4x9YDxJgY07553KS-ZPu8Kat0VFP8MaI4Z-pf2xG_QmQeMzQ4EOyCR0ZIbuXOYq7PAQlg&sai=AMfl-YThCcN0MydiGH-QcXPvWn-Pnr-KvLx1vyi2RTxixVn0k0sv7Mc-ty3_wVn2oGdQ6ZK69tcS8Ds1avhZ3DZEsFIRzZ-B_-tZRWC5suGVMAUPAZbsBwozq3Ztcf57hLkTbuRgkwyU2MPhvW2nCqQsiuGav--Av1F8ZWTanbY1MqJIlSN0FFnapNrp59dkWfB_8Uf2GLaHdIIpq-jOu2iL1_CTGPZc5ujXAEOaXIqdnw00szlSLmB6tJDCBlt8dIAYbWOFxVa1EhO5WdX4cIvv9fVNmGGt3lr_yrXTrTbah4do&sig=Cg0ArKJSzGcDpQyE-B3JEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=150&vt=11&dtpt=150&dett=2&cstd=0&cisv=r20220721.74586&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame EABF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
111124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Jul 2023 14:34:17 GMT
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame 7D69 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: portaldogremista.com.br
URL: https://portaldogremista.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
/
clickiocdn.com/clickiotag_log/ 		83 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/clickiotag_log/?step=0&ses_id=o5pkx3ssfk7ceiz877932473&area_id=677156&type=base&f=__lxG__.tmp.rot_78rk91jixs2d3z7z&rt=878127944
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b712b419acfb62d74f73194d38934b7163945c263d7bcd2303d4d9a666003d73

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
server
nginx/1.16.0
iseu
noneu
content-type
text/html
/
clickiocdn.com/clickiotag_log/ 		83 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/clickiotag_log/?step=1&ses_id=o5pkx3ssfk7ceiz877932473&area_id=677200&type=dfp&f=__lxG__.tmp.rot_78rk91jixs2d3z7z&rt=878128018
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e2754c8374ecd5d96f8f611d0a367c356a37527d868d346b94df29bce91481fa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
server
nginx/1.16.0
iseu
noneu
content-type
text/html
/
clickiocdn.com/clickiotag_log/ 		83 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/clickiotag_log/?step=2&ses_id=o5pkx3ssfk7ceiz877932473&area_id=677200&policy=ok&sub_id=1&f=__lxG__.tmp.rot_78rk91jixs2d3z7z&rt=878128005
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
119e95b732002aacb6d4a459d79aa4963ff75775eeabb5c00d89f2b2fe390f02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
server
nginx/1.16.0
iseu
noneu
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220719&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98eb1e53e0e5032aaa2ad35b015845930882db77fbdd2c3d522bd3fd4933e507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11025
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 2614 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=portaldogremista.com.br&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:21 GMT
server-processing-duration-in-ticks
2130
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
clickiocdn.com/utr/wv/ 		42 B
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=221287&wh=1600x1200&rnd=87798430099&lid=0&tid=0&ttfb_yellow=760.200&ttfb_yellow_cnt=1
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:21 GMT
cache-control
no-cache
server
nginx/1.16.0
content-length
42
iseu
noneu
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame EABF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2ceDfMTZYsHPJpaU6toPmJe9kAkAAAAAOAHgBAI&bg=!w8ClwITNAAacadVKvGk7ACkAdvg8Wqv0VFYL3Ke09uqhjI7ArY4wyvFdFKjdSphbkpi9rVWPW5qqrAIAAADSUgAAAAJoAQeZAvMK_YLuVwqmjNw-qKYXqzyK_HYUsjN-GdZiqiwod9gsLl1CiUI1P5YXsLi8N5p4u5RQPvaz6NzUfSdP8SFOwL4U_-qHArwe-Cpni-XYKKWETabRSeS2X6V_DjR_CgB-zH-nFMTUKPdCNfMDsWTNQNZRvg4lvN6pzK8Q3sIqfxNxm4GHYqh-iQQr7sPcMjpMnULQz4inKSEi_15kOfziPFDJBdrf6d8B81yumAvgfwlRB9nTvH-4sra4ipLonPwNjeYwIClEi6ev9Os4LiOiwtrzoLY4SMQyXkjFt6iGTPhIibUN39I5FNQvCzrGG8dbEVI3fxO_WKZ7YCGpbKuTgB0RFamKlXKd2daNPMrorphj_Fx1MGToKvqUjhMXl1AuglVAp-W4x0e-a7GvfIT1saMn647UC9RXbPXBGnX6nICuJJatxn3hYPyB6G8FP31-IZ0rAo-UOJNshNqqb6B0RUODVMfGXHEtztCstPjIF_lyfHFop7fvmqs3JSc42s1k8wwnwPu73NcJln950Qfs_k_JsZUB7oBEm2Hyc6mfjIENq0wE4iBf0rkXugV4oYiJshl7wt9-4IJOHz8QCAWBJf1OKBKk8FkCiUv-Rbqtq-LIZAdew1fK4mHlQKJep2xaJahwp-Xfh1X8g-vQtOVr_V2wEoV4PPCE3rV22ASzq_7rvx1iPA1HHLc358LmJQ7Rkm5Zjqsfbt402PmMXXCS4YIuHPcxj8Blrj1Z0cDfdkEVUMegYKEAYnVtqBTB0FoyPri97_KYRY3BQnNUkX8zC_anjwZXRHHrSWEGH9Xx0bxThIlBx-zNBzPiDPi7Dbh-QkpFzz_VD9-df2er2ZYvG_Q5W1l-tDkbFQEV4G_ZkLxjFWaZszpDeCU9AsHo59B8_C1JiRpt63plELcdmXBIoT-NjVNgK7TcJX8AKUcrLgFHYwjfkPiQeGcrEYEX3gutLs7CUyU4nq3J5HKojZjuYm8gO_h32lQhMg6S_nNi7iDCyphXsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 21:26:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 13A7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEQPeEpmASjZ0N6ggKMTbjHjUnIMdz0snVsZa6rE4tZvH-dbWH0s6aaf43bruOa1C9H9ZfVVeCyUqvJFu_wkwDFv4_IZTMkEejc-h_qO-YR3p1Rh5nLv7gG2P_a0zrT3rFqvA&sai=AMfl-YRBkw59_nwH7_WB8iHvyF75DTGzg9zTvPqsQNPDY7cfCIS3TTgCQMfIAQxSe7dX7b0VxZt7MmYOBfEZ&sig=Cg0ArKJSzC9pIddGNHGOEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=550189140&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658438779707&rpt=995&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 2614
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=portaldogremista.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldogremista.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=eNdzNHxVUlBaZ2R1SjhDSXFVUHpXb3BhcVRGUGZDWXdZVEJYVmtkUkFuUlgveGdGaUFhUjFzOGFERnUxUzJwS2MwTVJVNUNhSGQ5ZFpSa0E0OGVvbG5qcjhvQURqazB3M2pDQlVsbnZYL0JSWGVKQU5kMGhidGtNVDlsTH...
446 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=eNdzNHxVUlBaZ2R1SjhDSXFVUHpXb3BhcVRGUGZDWXdZVEJYVmtkUkFuUlgveGdGaUFhUjFzOGFERnUxUzJwS2MwTVJVNUNhSGQ5ZFpSa0E0OGVvbG5qcjhvQURqazB3M2pDQlVsbnZYL0JSWGVKQU5kMGhidGtNVDlsTHJPL2lvaGZwRytDTENTSC83UHVHSFpSUW43MWpYcEFoeGpjdWpGK0w0WkhBakFrZHhTR2JxZEZIQUl4ZXA2RlJHS041Uy9RcS9xS1JCK1ZRYVpQVTVSQmFqejBicUg2K0E0MEc1eHFIZ2poaE1mMCtiYWdGNkdSam5GYmdQSTJjWnVjRjE4cmZGa1ZHWGplL1hrM2x4dndVSFV6MnlkNDRNdmFzSXpuSVJTcXpNSk9jMnFtTT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
c7952fe27f4321f50a0f08939cb11adf13fbc99325ade317fe52a52c8690741d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5921
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:21 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=eNdzNHxVUlBaZ2R1SjhDSXFVUHpXb3BhcVRGUGZDWXdZVEJYVmtkUkFuUlgveGdGaUFhUjFzOGFERnUxUzJwS2MwTVJVNUNhSGQ5ZFpSa0E0OGVvbG5qcjhvQURqazB3M2pDQlVsbnZYL0JSWGVKQU5kMGhidGtNVDlsTHJPL2lvaGZwRytDTENTSC83UHVHSFpSUW43MWpYcEFoeGpjdWpGK0w0WkhBakFrZHhTR2JxZEZIQUl4ZXA2RlJHS041Uy9RcS9xS1JCK1ZRYVpQVTVSQmFqejBicUg2K0E0MEc1eHFIZ2poaE1mMCtiYWdGNkdSam5GYmdQSTJjWnVjRjE4cmZGa1ZHWGplL1hrM2x4dndVSFV6MnlkNDRNdmFzSXpuSVJTcXpNSk9jMnFtTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1900
content-length
567
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 76A2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
18310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 16:21:11 GMT
expires
Fri, 21 Jul 2023 16:21:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9F27 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f055c5a70f54bb336ffa137e250347b4d4a24b8df68e8b74b7d56a0994a0d7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lANHorBxaBsB-6Gvx97tOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-lANHorBxaBsB-6Gvx97tOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:21 GMT
expires
Thu, 21 Jul 2022 21:26:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
pagead2.googlesyndication.com/bg/ Frame 76A2 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 07:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13853
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 07:28:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9F27 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220719&jk=179651176077250&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
ad_tower_-google-adsense.
fundingchoicesmessages.google.com/f/AGSKWxWNt5615G5pRq-d5WAfc-4dSy4i2TCwGxY5bK8lURke4qdmLbt-54ANdDE2SOsB8ThrX4jmG7Kz2vcTNNaHGPRAUTaF23Gb2VcP90jkmtaUeNqiApGYfrUPyG7D6LEyd41mPWg94_ZegimCqOxv5ksWpY-9Q... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWNt5615G5pRq-d5WAfc-4dSy4i2TCwGxY5bK8lURke4qdmLbt-54ANdDE2SOsB8ThrX4jmG7Kz2vcTNNaHGPRAUTaF23Gb2VcP90jkmtaUeNqiApGYfrUPyG7D6LEyd41mPWg94_ZegimCqOxv5ksWpY-9QzsiHL4sHQmZi06VSBQHOaoYR_AvZnpPKrxDZsR3-qpFGehEu9GiLPUWlvy9RmzLn8OZWzhr12WAkpm6B8c=/_-peel-ads-/gtv_ads./adTagRequest./ad_tower_-google-adsense.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
92b692b20f1b0327c011c0294309b55ec3d1d4f7ac2b078e3fb6495602181d03
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v0mtxnmkO2nimZn0fk47nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-v0mtxnmkO2nimZn0fk47nA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-v0mtxnmkO2nimZn0fk47nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-v0mtxnmkO2nimZn0fk47nA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Thu, 21 Jul 2022 21:26:21 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0805cfbb0e838ec920e82b3b99741d34ffdea965fbbe567a067395626e46379a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 20:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23703
x-xss-protection
0
server
cafe
etag
15982801234443116841
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Jul 2022 21:32:16 GMT
AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JusOekATLcmgTjTaAi4f5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JusOekATLcmgTjTaAi4f5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://portaldogremista.com.br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JusOekATLcmgTjTaAi4f5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JusOekATLcmgTjTaAi4f5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
ec053c80-284e-4e46-9275-e354d191bec6
https://portaldogremista.com.br/ 		180 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://portaldogremista.com.br/ec053c80-284e-4e46-9275-e354d191bec6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629f52c6e88af97f93787528dee0ed4ad836db8919551c62d9909350c23dc9d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
184085
Content-Type
text/javascript
7b5fda09-074e-4ad8-83c6-a61a79002be4
https://portaldogremista.com.br/ 		180 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://portaldogremista.com.br/7b5fda09-074e-4ad8-83c6-a61a79002be4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629f52c6e88af97f93787528dee0ed4ad836db8919551c62d9909350c23dc9d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
184085
Content-Type
text/javascript
9263cbc4-c0da-4927-ade8-29999cd0f6d8
https://portaldogremista.com.br/ 		180 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://portaldogremista.com.br/9263cbc4-c0da-4927-ade8-29999cd0f6d8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629f52c6e88af97f93787528dee0ed4ad836db8919551c62d9909350c23dc9d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
184085
Content-Type
text/javascript
e83d0a2d-a435-4ae0-b11e-7ae594bd3385
https://portaldogremista.com.br/ 		180 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://portaldogremista.com.br/e83d0a2d-a435-4ae0-b11e-7ae594bd3385
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629f52c6e88af97f93787528dee0ed4ad836db8919551c62d9909350c23dc9d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
184085
Content-Type
text/javascript
AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EySbyxcIcknT__uDmwYTEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EySbyxcIcknT__uDmwYTEw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://portaldogremista.com.br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EySbyxcIcknT__uDmwYTEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EySbyxcIcknT__uDmwYTEw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l5vjmq0j&ctx=0&met.9=1.1m5~13.1q8~2.1un
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 76A2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lcmHrg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ksf6gTRz2-jF1NUXV9CeKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Ksf6gTRz2-jF1NUXV9CeKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://portaldogremista.com.br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ksf6gTRz2-jF1NUXV9CeKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Ksf6gTRz2-jF1NUXV9CeKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXBjLDMBzW1XfDqO3ajuuKxkHhf8nIVt5-yvtPRaVMHgW7CKGHFLvuhJNbh92rGvoTffxcTXeih7wcai5LLElztBUsP3Ej_eV-XB1O4QvZFvB6Ub5fEMcceq7u2oNGjsVtq8hKq1o_8QAngPiqVQqoDScEiR6X5yB4RF-vh_fXVHkLIs9EuOcCTsvQc
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ib1fGicK7u9sW4myGludiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Ib1fGicK7u9sW4myGludiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://portaldogremista.com.br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-Ib1fGicK7u9sW4myGludiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Ib1fGicK7u9sW4myGludiw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwzNHTDzGjNWfx4EIhGjJ3NFzAIIiOaSR25XVzk1VMds7SM00qR3fCGANE4tDy9UbvC8FmJ_anWtQwra3tuO_Aim5a4wVA1Ii1eNVvn1d8ytd1B69yX2xqdBjn7cnVIYvs3d8JXqCa-2pTu2FX6_c9SZMrgsmEUbBOfAXNnIYfwst21PHKCdzJ--0i
fundingchoicesmessages.google.com/f/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVwzNHTDzGjNWfx4EIhGjJ3NFzAIIiOaSR25XVzk1VMds7SM00qR3fCGANE4tDy9UbvC8FmJ_anWtQwra3tuO_Aim5a4wVA1Ii1eNVvn1d8ytd1B69yX2xqdBjn7cnVIYvs3d8JXqCa-2pTu2FX6_c9SZMrgsmEUbBOfAXNnIYfwst21PHKCdzJ--0i?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU4NDM4NzgyLDI0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3BvcnRhbGRvZ3JlbWlzdGEuY29tLmJyLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53a0b50a5332f5a6c4082ac319f3388d204f70745c5ee55e606019d2c7f1947d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-O41RB_X-fWnIUSGZEOHKYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-O41RB_X-fWnIUSGZEOHKYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-O41RB_X-fWnIUSGZEOHKYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-O41RB_X-fWnIUSGZEOHKYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUYTBznGYvzQ9ls0OpQqDJOcSlUiBDQZ4lw3XTABtQMTE17O2P2dATdqikM61YtFgxT36g21ZILACbdPPWt0RxDVhoZk9glYJ57RuQOEm1u4zHCbPe5R_VkqW53kWTL5qz0FQWrq2oNlR6UG192g8wHSKHdZ8ooGyqWv96iJPjuMicKdODGnG679hJg
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUYTBznGYvzQ9ls0OpQqDJOcSlUiBDQZ4lw3XTABtQMTE17O2P2dATdqikM61YtFgxT36g21ZILACbdPPWt0RxDVhoZk9glYJ57RuQOEm1u4zHCbPe5R_VkqW53kWTL5qz0FQWrq2oNlR6UG192g8wHSKHdZ8ooGyqWv96iJPjuMicKdODGnG679hJg
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BVYye4S6J1I.es5.O/d=1/exm=kernel_loader/rs=AJlcJMyeieZYKNSKEHP45t0UruLnnZCNfg/m=cookie_refresh_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wKiVdHD33SFhw-21l2oIcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wKiVdHD33SFhw-21l2oIcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://portaldogremista.com.br/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://portaldogremista.com.br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wKiVdHD33SFhw-21l2oIcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wKiVdHD33SFhw-21l2oIcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
DefaultAff.aspx
members.bet365.com/Members/Helpers/ Frame E9F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01105877&forcelp=1
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.10 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

CF-RAY
72e703b5ea7ca1ec-YYZ
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Jul 2022 21:26:22 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy
same-origin
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/gif
CM6pw2GM4dLUaenDPXfxb5PzeQaHYLiLGsuYtlyc.jpeg
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Bet365-(New-global-account)/banner/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Bet365-(New-global-account)/banner/CM6pw2GM4dLUaenDPXfxb5PzeQaHYLiLGsuYtlyc.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
24b35dbd8681681f5a851739371afefcb2c43e922cd0941be2d4034669fd336e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Last-Modified
Fri, 10 Dec 2021 10:10:45 GMT
Server
AmazonS3
x-amz-request-id
X7RB873HND3M2D1W
ETag
"7bf4a3c5203e68a8c4a5aa215aeafad3"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22593
x-amz-id-2
1yrbB1DbgDFy6k+uAnkGZCeTfSZqxHgDodjc2cqk0p1hSWsXQQECUCAWa2vb8iZfdhjHaOwfn+g=
/
clickiocdn.com/utr/logst_st/c2lkPX4yMjEyODcmYWN0PX5wdiZ1cmw9fnBvcnRhbGRvZ3JlbWlzdGEuY29tLmJyJnZjbnQ9MSZfZj1fX2x4R19fLnRtcC5sb2dzdF82dzloMmk3NjljY280YjBy/ 		38 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/logst_st/c2lkPX4yMjEyODcmYWN0PX5wdiZ1cmw9fnBvcnRhbGRvZ3JlbWlzdGEuY29tLmJyJnZjbnQ9MSZfZj1fX2x4R19fLnRtcC5sb2dzdF82dzloMmk3NjljY280YjBy/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
26a655b89c28c0b1620917f1e9dd221cc29e18dd27f4bf772ab34711bca95c89

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
no-cache
server
nginx/1.16.0
content-encoding
gzip
iseu
noneu
content-type
application/javascript; charset=utf-8
/
clickiocdn.com/utr/logst_sa/c2FpZD02NzcxNTh+Njc3MjAxfjY3NzY3M342Nzc2NzJ+NjczMDg0fjY3MzA5MX42OTUwNDJ+Njk0ODkxfjY5NDg5MH42NzcxNTh+Njc3MTU2fjY3MzA4NH42NzcyMDB+LX4tfi1+LX4tfi1+Njc3MTU2fjY3NzIwMH4tfi1+L... 		38 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/logst_sa/c2FpZD02NzcxNTh+Njc3MjAxfjY3NzY3M342Nzc2NzJ+NjczMDg0fjY3MzA5MX42OTUwNDJ+Njk0ODkxfjY5NDg5MH42NzcxNTh+Njc3MTU2fjY3MzA4NH42NzcyMDB+LX4tfi1+LX4tfi1+Njc3MTU2fjY3NzIwMH4tfi1+LX4tJnNzaWQ9fjEmYWN0PWRldl90YXJnX3JlbX4tfi1+LX4tfi1+LX4tfi1+Zm5kX29uX3Bnfi1+LX5ydHJfdmFyX2Noc25+cnRyX3Zhcl9pbnN0YWxsfnNsb3RfY2FsbF9hZG1+c2xvdF9jYWxsX2FkbV9sbHZfNDAweDQwMGR+c2xvdF9oYl9lbmR+c2xvdF9pbl9wZ35zbG90X3JuZHJfY2xsfnRnbF9zXzB+dGdsX3NfMV9kZnB+dGdsX3NfMl9va350Z2xfc18yX29rX29rfnVuaXRfaGJfY2xsfnVuaXRfaGJfZW5kJnVybD1+cG9ydGFsZG9ncmVtaXN0YS5jb20uYnImdmNudD0yNSZfZj1fX2x4R19fLnRtcC5sb2dzdF9iNmJjd2s2amo0dDliZDBr/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
de5e4535e8d8504dc2c0105734472ad6113eeced41b76a956aa577d5a43e4f1c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
no-cache
server
nginx/1.16.0
content-encoding
gzip
iseu
noneu
content-type
application/javascript; charset=utf-8
/
clickiocdn.com/utr/logst_sa/c2FpZD1+Njc3MjAwJnNzaWQ9fjEmYWN0PWdfZXZfc2xvYWR+Z19ldl9zbG9hZF9sbHZfNDAweDQwMGR+Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2xsdl80MDB4NDAwZH5nX2V2X3NyZW5kX25lfmdfZXZfc3JlbmRfbmVfbGx2X... 		38 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/logst_sa/c2FpZD1+Njc3MjAwJnNzaWQ9fjEmYWN0PWdfZXZfc2xvYWR+Z19ldl9zbG9hZF9sbHZfNDAweDQwMGR+Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2xsdl80MDB4NDAwZH5nX2V2X3NyZW5kX25lfmdfZXZfc3JlbmRfbmVfbGx2XzQwMHg0MDBkfmdfZXZfc3JlcX5nX2V2X3NyZXFfbGx2XzQwMHg0MDBkfmdfZXZfc3Jlc3B+Z19ldl9zcmVzcF9sbHZfNDAweDQwMGR+c2xvdF9hZG1fcmVwbHl+c2xvdF9hZG1fcmVwbHlfbGx2XzQwMHg0MDBkfnNsb3RfbGxfdmFyXzQwMHg0MDBkfnNsb3Rfcm5kcmRfY29udGVudCZ1cmw9fnBvcnRhbGRvZ3JlbWlzdGEuY29tLmJyJnZjbnQ9MTQmX2Y9X19seEdfXy50bXAubG9nc3RfMHJvYXJ1bHdya2E2aXlhOQ/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
dddaf98205938b8bb3deaea45ed813d0719c6007eaf103989cb7cbed6fa51f91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
no-cache
server
nginx/1.16.0
content-encoding
gzip
iseu
noneu
content-type
application/javascript; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FBD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaFyLdiRoVao6MnS9xgPt0LZIE_7nvoTw1M6yQ8D0QiMMVUEfZPdsYmC0VTar2ZTtyrq30hPHs6UuC2z2yvtDOpn9IvmnT-4fDs-qP_D013bgJTwhnFjwIeylGTsoEo_3UVCk&sai=AMfl-YRcWcFuk-jmNphLaNTmIY5rj3hzu1NFmPQV69Bf-AXYOUv7avXdi_dKB9E_VC3LCMZpgkYWpv_sIqjuzxRB7dH98mavS17WNh4dPMpK7TReUwOgNNQNgGdm6jV1&sig=Cg0ArKJSzIsYI5AwsqsxEAE&cid=CAASJeRoV40HCaO9j_DW31Td7AkRMOStnXGDmhYmqwCSHZOSoVGbdTU&id=lidar2&mcvt=1000&p=1110,453,1200,1181&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3834479838&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658438781098&rpt=313&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220719&jk=179651176077250&bg=!x8SlxIDNAAZlvz3gRb87ACkAdvg8WuzWtsFMHFubVOqR0aUkOo4CrKDJi0Le-ShTVlAFR9ic8EKcpAIAAADCUgAAAAJoAQcKAPRlyvCoewlJHK-UZyeoLq729IxBJCjq-eaVSlSEah9n_TmWeY-MurN47wsnEF-BHmwXWat-ZULC389PRPNeBa5nZI1bxMPqmVJQ_jXV4TAzIewYlY3w1Gt-0FxS-7lHfNfWzRf4AzR6wVORkbScfEv2X2QL6ESZRakvDBvUxdL0XgRm6afaiKVULxu_2Yq_Q3CpuNGBFhU0qaddf2ePgNTxRhKK6vOuAiL9hYOUkGoohm_qF0xkuMRMfTPp4u7fMbeZMMOpfuqkp1XbS4CiXtrnElUqjD5QMxR6Wcn7NeexHPKNohlnvqH4hGXqYgCwGSiW3VAVmQKgX8kdfDzD6RAj224bItCBfL1unGCwaMRTnaZ0vRiv4ln4t4c8FVk26W6nRbJG48i8NGp8vk2lchCC4duKp9kJIxzT7FipdC_zkTGJW0MUBFsBcTbGhMyeCPO43RXEGSScfdQtjL2fi2daIaZQwLoaPavqKcKUAYlYsWWdDFUb-pwwO6UFoaZTn-SV0jQgHWgyqqpNGBwRd_Phbzr4iJP-jBNIdfcHchCZhRVMqMWhwtcFEm6oojXsdniTxfJyK5L7_PWj0mBBCHx6yu1Rh_YJgUwxiDsbCZN2GiiENr4xDebZNy0lTbV3czeZErLBdwrJNQPljAJh2LbA0IJxl48u28wMH2idntMyd0GXP_k_t6v6lr0ApUM1sWR5VnLV58w11BsOADQIchmejilJCzX9d4rif_v5CWgOR_g7gbA3CvhTsCXYFqt12mlicqPnHKYifj1p-ieptSpsvTQuV5MZpUxTH7fahmxKr-6I6IBBzm0DQ0Z2BUOrqjQ1Hx-pMIvFQOG_Q2DQ-3k2WluiMK_KDs8I904zdLuUiUIeUiTcQMluuxMSo8i5zrPQdWrioUw58r9X71c4nqb4vIpaVElAmosqCoiujxVMmwZgeeQavtGZ6GiQhYsbSWKQdAHexXOAxnybhZFjkPUp5sF1g46FwH8xaUbTdJKjeryMGh2k3kMYn2kY528FhSgmK0H88kAXs3IiVjLlNbWRPq17pNOHgu67q7tKMa_rWt5VMKFc-57EF_iBlJQttcEu0NpxeLfPNKD65EMKPxDVQE8qzCJDSuhExIDgFDBU_C1d1EkSOmGNjyKvbQ1ewPpsjznvQ8sZVYyJVYY0pVutwZm0fWRvdUupMBDuPNsXUFOUjb36azwByBXzeJ80JpvZRwFBD8e9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
pd
us-u.openx.net/w/1.0/ Frame 4772 		672 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
48b7d3f21645309c4d419c6931033a3a0e1036ca339354788d24b511401d3d81

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
422
content-type
text/html
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/485d39a
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame AA26 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.232.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-232-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Jul 2022 21:26:23 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DFA5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.201.230 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-201-230.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Jul 2022 21:26:23 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7B03 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
58635
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Jul 2022 21:26:23 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 20 Jul 2022 05:09:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 270413
X-Served-By
cache-lga21973-LGA, cache-yul12831-YUL
X-Timer
S1658438783.353097,VS0,VE0
beacon
ap.lijit.com/ Frame 64DA 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13397049
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
75f7e7a299aaba7d9fc25c881493d8fe226930fb6d1c9667e0dd674877b093a2

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
4881
Content-Type
text/html
Date
Thu, 21 Jul 2022 21:26:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ewr1
sspmatch-iframe
ads.betweendigital.com/ Frame E4DA 		852 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
75e20001c66e23a79e89e00829c18701f4767e266d823662df3fde2d86215274

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
852
content-type
text/html
1000.gif
id.rlcdn.com/
Redirect Chain
  • https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCP-I55YGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCP-I55YGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CNK5KxoNCP-I55YGEgUI6AcQAEJOaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2k9MSZwYXJ0bmVyaWQ9MTM2JnBhcnRuZXJ1c2VyaWQ9SgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=ce132da1-9c53-0e12-183e-3631e706e04c
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=ce132da1-9c53-0e12-183e-3631e706e04c
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Thu, 21 Jul 2022 21:26:23 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=ce132da1-9c53-0e12-183e-3631e706e04c
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ 		0
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.36.150.182 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip182.ip-54-36-150.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=smartadserver&bidswitch_custom_parameter=824e41dc-f4bc-4f52-baa4-53baf67b1917
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=b8dfcc2a9069d2c2f906bb5f35302a87&expires=30&ssp=smartadserver&bsw_param=824e41dc-f4bc-4f52-baa4-53baf67b1917
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
Date
Thu, 21 Jul 2022 21:26:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERI...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=00bbfae2-fa64-49c8-8f50-155991bf22b9&gdpr=0&gdpr_consent=
43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=00bbfae2-fa64-49c8-8f50-155991bf22b9&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=00bbfae2-fa64-49c8-8f50-155991bf22b9&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2014746
content-length
0
expires
Thu, 21 Jul 2022 00:00:00 GMT
country-341629
br.betano.com/myaccount/ban/ Frame 7DDD
Redirect Chain
  • https://br.betano.com/?btag=a_8563b_888c_&affid=1654&siteid=8563&adid=888&c=
  • https://br.betano.com/myaccount/ban/country-341629?alt=true
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://br.betano.com/myaccount/ban/country-341629?alt=true
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.betano.com:*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
72e703bce8f97139-YUL
content-encoding
br
content-security-policy
frame-ancestors https://*.betano.com:*
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 21:26:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-farm
02
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
72e703bc1f6c7139-YUL
date
Thu, 21 Jul 2022 21:26:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/myaccount/ban/country-341629?alt=true
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable-status
302
x-content-type-options
nosniff
x-farm
08
x-xss-protection
1; mode=block
09lnvIhVlk1yAZGUCeWaYb6Ja91ANKCP0p88jXRF.jpeg
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Betano-Brazil/banner/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Betano-Brazil/banner/09lnvIhVlk1yAZGUCeWaYb6Ja91ANKCP0p88jXRF.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
dbfcad26825b0646f031ff0da6dbb233df888213083f3cc4c2ca90cef877cf2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:24 GMT
Last-Modified
Tue, 11 May 2021 14:40:41 GMT
Server
AmazonS3
x-amz-request-id
JJY4DVE7RBJDSFR2
ETag
"911880bfe41142787fab6bd0fe432133"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22982
x-amz-id-2
p5JTrwHW07FsWO8CXSpcIA5TO/i2HFIXALmeMA1Zjow7mQUN4uL7u2W2b08BWkCP4w+WsNI5l4M=
epx.gif
px.owneriq.net/fr/ Frame 64DA
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7117251831628971547&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
23.3.125.39 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-125-39.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=480230
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 27 Jul 2022 10:50:13 GMT

Redirect headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=39588
Connection
keep-alive
Content-Type
text/html
Content-Length
154
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1658438783322&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=27A3956640754A76B49E20A290474D7F
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=27A3956640754A76B49E20A290474D7F
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 21 Jul 2022 21:26:23 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=27A3956640754A76B49E20A290474D7F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 20 Jul 2022 21:26:23 GMT
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FA8GeBZHRIQBq3cVSgqpit1a&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
MT3 4475 c1dc35a master iad-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Jul 2022 21:26:22 GMT
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=6CBctl8Z_jd12DiCB8XP0
  • https://ce.lijit.com/merge?pid=26&3pid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
Date
Thu, 21 Jul 2022 21:26:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=L5VJMOFY-I-MC9P&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=L5VJMOFY-I-MC9P&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=L5VJMOFY-I-MC9P&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dd2cac6...
  • https://ce.lijit.com/merge?pid=16&3pid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=16&3pid=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=979321826286578446
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=979321826286578446
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=979321826286578446
Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=xto16yUfqB0S&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=xto16yUfqB0S&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=xto16yUfqB0S&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6886c85865-4nmm6
expires
-1
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=90a8d79f-fd8f-4e0c-8e86-bc4ca8ee86c7
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=90a8d79f-fd8f-4e0c-8e86-bc4ca8ee86c7
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=90a8d79f-fd8f-4e0c-8e86-bc4ca8ee86c7
date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=L5VJMOFY-I-MC9P&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=L5VJMOFY-I-MC9P&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=L5VJMOFY-I-MC9P&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
reporting
ap.lijit.com/dsp/google/ Frame 64DA
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RkE4R2VCWkhSSVFCcTNjVlNncXBpdDFh&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FA8GeBZHRIQBq3cVSgqpit1a&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:955da31ab757ca66fbdba0443363509d
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:955da31ab757ca66fbdba0443363509d
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 21 Jul 2022 21:26:23 GMT
server
Aorta/20220718.2f4ba88c
location
https://ce.lijit.com/merge?pid=84&3pid=c:955da31ab757ca66fbdba0443363509d
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
f2108c8227da
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AADk7k7Fs4kAABDHqdomIA&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AADk7k7Fs4kAABDHqdomIA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AADk7k7Fs4kAABDHqdomIA&gdpr=0
Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
iu3
s.amazon-adsystem.com/ Frame 64DA
Redirect Chain
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5R01E8ZJ0C28QZRYYQJA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dxcLryIRWPBsHFujJBRCpCQVCqBsEVv0IxPtHXin
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dxcLryIRWPBsHFujJBRCpCQVCqBsEVv0IxPtHXin
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=dxcLryIRWPBsHFujJBRCpCQVCqBsEVv0IxPtHXin
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64DA
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkE4R2VCWkhSSVFCcTNjVlNncXBpdDFh&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkE4R2VCWkhSSVFCcTNjVlNncXBpdDFh&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkE4R2VCWkhSSVFCcTNjVlNncXBpdDFh&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=6718591697270919473&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=6718591697270919473&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b7912cd7-47d3-471d-8848-0ac0a1f6af44
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=6718591697270919473&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1658438783722
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5860745990
  • https://sync.1rx.io/usersync/tradedesk/6c15e589-a89d-4d15-addc-613230561894
  • https://sync.targeting.unrulymedia.com/csync/RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=56&3pid=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
Date
Thu, 21 Jul 2022 21:26:23 GMT
Connection
keep-alive
Content-Type
text/html
ETag
RXebe9893dce9849239c0b8eade8c672c3005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
merge
ce.lijit.com/ Frame 64DA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=sFab3kS4UsLhqYOFfY0e&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=sFab3kS4UsLhqYOFfY0e&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=sFab3kS4UsLhqYOFfY0e&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Thu, 21 Jul 2022 21:26:24 GMT, Thu, 21 Jul 2022 21:26:24 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7E79 		820 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
755c78bd07cd45d534817eebe0916ac0bef7fbd89e673f5474c096d4363f789e

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
502
content-type
text/html
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/485d39a
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E84D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.232.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-232-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=17781
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 21:26:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 02:22:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.40.16.70, 4.7.166.100
x-check-cacheable
YES
x-serial
6603
merge
ce.lijit.com/ Frame 5114
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=6971036428562612664&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=6971036428562612664&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Jul 2022 21:26:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ewr1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Thu, 21 Jul 2022 21:26:22 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=6971036428562612664&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DE8A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.232.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-232-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=17781
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 21:26:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 02:22:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-akamai-pragma-client-ip
23.40.16.70, 4.7.166.100
x-check-cacheable
YES
x-serial
6603
sd
us-u.openx.net/w/1.0/ Frame 4772
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7773997484991602581&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7773997484991602581&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7773997484991602581&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 4772
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtnEfQAAn_xlmQBC
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtnEfQAAn_xlmQBC
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658438783.380193,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtnEfQAAn_xlmQBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
4f5ddc1d-9d3d-a337-6e7b-9ef83e42f6c3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4772 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/4f5ddc1d-9d3d-a337-6e7b-9ef83e42f6c3?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:d60:4f07:3863:3294:52fe:c4b3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 4772
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6c15e589-a89d-4d15-addc-613230561894&ttd_puid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6c15e589-a89d-4d15-addc-613230561894&ttd_puid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6c15e589-a89d-4d15-addc-613230561894&ttd_puid=db9aba59-0d91-317e-5fac-880dc1153b8a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4772 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjdmNTY5OTMtYzRlNi02ZmRhLTRhNGMtZDJiNDBiZjdmNWVh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4772
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF--a0k8Xk1pCoWgnyKQmhk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF--a0k8Xk1pCoWgnyKQmhk&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF--a0k8Xk1pCoWgnyKQmhk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E4DA 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=between
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
lbs-ru1.ads.betweendigital.com/ Frame E4DA
Redirect Chain
  • https://ads.adlook.me/csync?url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D%26callback_url%3Dhttps%253A%252F%252Flbs-ru1.ads.betweendigital.com%...
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=9a9fb44889e541dba1ca7265e5ffb06b&callback_url=https%3A%2F%2Flbs-ru1.ads.betweendigital.com%2Fmatch%3Fbidder_id%3D42122%26external...
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9a9fb44889e541dba1ca7265e5ffb06b&external_matching=1&forward=0
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9a9fb44889e541dba1ca7265e5ffb06b&external_matching=1&forward=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.29.196 , Luxembourg, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=42122&external_user_id=9a9fb44889e541dba1ca7265e5ffb06b&external_matching=1&forward=0
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame E4DA
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8eSJ8Xven0J.AikABlGCIqeTRw
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8eSJ8Xven0J.AikABlGCIqeTRw
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f17-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8eSJ8Xven0J.AikABlGCIqeTRw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
btw
sync.dmp.otm-r.com/match/ Frame E4DA 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=a7b2b130-db3b-53cb-8771-ccd7e5a808ac
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.28.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Jul 2022 21:26:23 GMT
server
nginx/1.17.10
bidder_18.html
cache.betweendigital.com/code/ Frame 55DF 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a7b2b130-db3b-53cb-8771-ccd7e5a808ac&CACHEBUSTER=256365
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.127.145 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 21 Jul 2022 21:26:23 GMT
etag
W/"60bf907f-ee9"
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
119
x-cdn-request-id
2240f11cbf3fa178f808dffb34a54a4b
async_usersync
ib.adnxs.com/ Frame 7B03 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a320aa2d-2383-4d7f-8cfc-ce5ae6b602f9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DFA5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.201.230 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-201-230.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29070b793b2232697084674a7d43185e557cb0ac536db29b206ff8f7e93e6882

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75255
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Fri, 22 Jul 2022 18:20:38 GMT
merge
ce.lijit.com/ Frame 7E79 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=b7746499-e725-0b73-1810-3eabb9a404d8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7E79
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 7E79
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=dde4c9a5-5696-0cf9-154d-10dbf299fa86
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=dde4c9a5-5696-0cf9-154d-10dbf299fa86
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=dde4c9a5-5696-0cf9-154d-10dbf299fa86
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=dde4c9a5-5696-0cf9-154d-10dbf299fa86
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 7E79 		0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=f55e39d0-d5fb-0b37-0c8b-490756b6cfe3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 7E79
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=8e5cc53f-c0d6-071e-00d5-08fef88e5a52
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5a6d61ab81093dbd28217aad60461d81c00ab74fd965ca074f24ac978441c5ae791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1YTZkNjFhYjgxMDkzZGJkMjgyMTdhYWQ2MDQ2MWQ4MWMwMGFiNzRmZDk2NWNhMDc0ZjI0YWM5Nzg0NDFjNWFlNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1YTZkNjFhYjgxMDkzZGJkMjgyMTdhYWQ2MDQ2MWQ4MWMwMGFiNzRmZDk2NWNhMDc0ZjI0YWM5Nzg0NDFjNWFlNzkxNDI2YjU0MTdkY2UyMRAAGgwI_4jnlgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=90089078-2027-4f7b-95c6-3cd1ba9fc9b6
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=90089078-2027-4f7b-95c6-3cd1ba9fc9b6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=90089078-2027-4f7b-95c6-3cd1ba9fc9b6
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 7E79
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6718591697270919473
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6718591697270919473
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8029df38-59dc-4b4a-9b13-8723acd15d34
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6718591697270919473
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7E79
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=834cc624-113b-8a84-9fa2-0a9aa926f06a
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=834cc624-113b-8a84-9fa2-0a9aa926f06a&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=834cc624-113b-8a84-9fa2-0a9aa926f06a&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BHYZREXP1E437FB0SMHE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CDPQX02DJC0PCJRBS97A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=834cc624-113b-8a84-9fa2-0a9aa926f06a&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E84D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51692273&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2b61b6efe9bd416321fcf21b12756928c4065c26ef8a79292416c33f5664a51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:22 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 1E1A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4037D016-2C66-4940-9812-C7174567D13D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4037D016-2C66-4940-9812-C7174567D13D
35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4037D016-2C66-4940-9812-C7174567D13D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 21 Jul 2022 21:26:23 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 21 Jul 2022 21:26:23 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4037D016-2C66-4940-9812-C7174567D13D
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5712
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtnEfQAAn_xlmQBC&gdpr=0&gdpr_consent=
1 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtnEfQAAn_xlmQBC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 21 Jul 2022 21:26:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtnEfQAAn_xlmQBC&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12832-YUL
x-timer
S1658438784.824005,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame AE0C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 21 Jul 2022 21:26:23 GMT
Expires
Thu, 21 Jul 2022 21:26:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master iad-pixel-x5 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E671
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEazdrN0ZzNGtBQUJESHFkb21JQQ&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADk7k7Fs4kAABDHqdomIA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7589134343960758009
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADk7k7Fs4kAABDHqdomIA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D7589134343960758009%26bee_sync_partners%3Dpp%252Cpm%2...
  • https://match.prod.bidr.io/cookie-sync?userid=7589134343960758009&bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADk7k7Fs4kAABDHqdomIA
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADk7k7Fs4kAABDHqdomIA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 21 Jul 2022 21:26:24 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADk7k7Fs4kAABDHqdomIA
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame A984 		0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 634E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 21:26:23 GMT
expires
Thu, 21 Jul 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1531044
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3B6E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5756a4a-093b-11ed-868f-6822459fe7d7
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5756a4a-093b-11ed-868f-6822459fe7d7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 09:35:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 21 Jul 2022 21:26:23 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c5756a4a-093b-11ed-868f-6822459fe7d7
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-2
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame E4A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mumFESZZSeZpqJGrqQEdpJU4mbM
42 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mumFESZZSeZpqJGrqQEdpJU4mbM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 09:53:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Jul 2022 21:26:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=mumFESZZSeZpqJGrqQEdpJU4mbM
Pug
simage2.pubmatic.com/AdServer/ Frame 77DF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005&rndcb=5411583913
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5f99702f-61cb-4d3b-8675-6ec26ff0003c&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/b6c1429b-d719-4fbe-8065-3422a031d8a8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 09:53:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 21 Jul 2022 21:26:24 GMT
ETag
RXebe9893dce9849239c0b8eade8c672c3005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 5AE1
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=610ef577-0522-4323-a68d-73f1401af6ce&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4037D016-2C66-4940-9812-C7174567D13D
42 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4037D016-2C66-4940-9812-C7174567D13D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.99.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-99-170.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Thu, 21 Jul 2022 21:26:23 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 21 Jul 2022 21:26:23 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4037D016-2C66-4940-9812-C7174567D13D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame E655
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681896148123
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681896148123
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 10:34:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681896148123
Pug
simage2.pubmatic.com/AdServer/ Frame 79E5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Nil6PUQc1OeDGD5&gdpr=0&gdpr_consent=
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Nil6PUQc1OeDGD5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Jul 2022 21:26:23 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Nil6PUQc1OeDGD5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-099f6bfa5b5487cf1@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 0EA6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72e703bfdb58714a-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72e703bf3a7b714a-YUL
content-type
text/html
date
Thu, 21 Jul 2022 21:26:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1789
Pug
simage2.pubmatic.com/AdServer/ Frame 5B06
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7117251831628971547
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7117251831628971547
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=56518
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 21 Jul 2022 21:26:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7117251831628971547
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
merge
ce.lijit.com/ Frame 2CAA 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=4037D016-2C66-4940-9812-C7174567D13D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Jul 2022 21:26:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ewr1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E84D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QDfQFixmSUCYEscXRWfRPQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
23.37.232.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-232-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
content-encoding
gzip
x-check-cacheable
YES
x-serial
6603
x-akamai-pragma-client-ip
23.40.16.70, 4.7.166.100
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=17781
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
server
Apache
expires
Fri, 22 Jul 2022 02:22:44 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame E84D
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=4037D016-2C66-4940-9812-C7174567D13D
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8e5cc53f-c0d6-071e-00d5-08fef88e5a52
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8e5cc53f-c0d6-071e-00d5-08fef88e5a52
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Jul 2022 21:26:23 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 21 Jul 2022 21:26:23 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=8e5cc53f-c0d6-071e-00d5-08fef88e5a52
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
SPug
image4.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=794d62d9-c47f-4200-9ebd-a39e0b32cfeb
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=794d62d9-c47f-4200-9ebd-a39e0b32cfeb
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
MT3 4475 c1dc35a master iad-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=794d62d9-c47f-4200-9ebd-a39e0b32cfeb
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Jul 2022 21:26:22 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDAzN0QwMTYtMkM2Ni00OTQwLTk4MTItQzcxNzQ1NjdEMTNE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 11:23:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHMTrdvaExvDvoWWSHUFhnc&google_cver=1
42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHMTrdvaExvDvoWWSHUFhnc&google_cver=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 09:53:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHMTrdvaExvDvoWWSHUFhnc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 21 Jul 2022 21:26:23 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 20 Jul 2022 21:26:23 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6971036428562612664&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6971036428562612664&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6971036428562612664&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 21 Jul 2022 21:26:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c15e589-a89d-4d15-addc-613230561894
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c15e589-a89d-4d15-addc-613230561894
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c15e589-a89d-4d15-addc-613230561894
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
4037D016-2C66-4940-9812-C7174567D13D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E84D 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4037D016-2C66-4940-9812-C7174567D13D?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:d60:4f07:3863:3294:52fe:c4b3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4037D016-2C66-4940-9812-C7174567D13D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oleOwFBE2uX36LH1MB4pKl5nd1ZgFj8-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oleOwFBE2uX36LH1MB4pKl5nd1ZgFj8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oleOwFBE2uX36LH1MB4pKl5nd1ZgFj8-~A&gdpr=0&gdpr_consent=
date
Thu, 21 Jul 2022 21:26:23 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E84D 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.231.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-231-30.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c57dce67-093b-11ed-bb74-d59dad38b406&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c57dce67-093b-11ed-bb74-d59dad38b406&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 10:37:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=c57dce67-093b-11ed-bb74-d59dad38b406&gdpr=0&gdpr_consent=
Date
Thu, 21 Jul 2022 21:26:23 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
c57dce69-093b-11ed-bb74-d59dad38b406
Pug
simage2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=76e2a3d6ec801207&is_secure=true&networkId=17100&version=1&nuid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZ5nSlOm1wgNOmJO1AAAAAAA&expiration=1658525184&nuid=4037D016-2C66-4940-9812-C7174567D13D&...
42 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZ5nSlOm1wgNOmJO1AAAAAAA&expiration=1658525184&nuid=4037D016-2C66-4940-9812-C7174567D13D&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 10:59:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:24 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZ5nSlOm1wgNOmJO1AAAAAAA&expiration=1658525184&nuid=4037D016-2C66-4940-9812-C7174567D13D&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6718591697270919473&gdpr=0&gdpr_consent=
42 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6718591697270919473&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:23 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
31dc9480-32a0-42b9-bb08-9343df7a471e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6718591697270919473&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5f99702f-61cb-4d3b-8675-6ec26ff0003c&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 21 Jul 2022 21:26:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame E84D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F361F25A_4AEFCE2D&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
204.2.255.233 Fort Lauderdale, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-341425584; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:24 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-341425584; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 21 Jul 2022 09:53:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E84D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4888899322891537058
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4888899322891537058
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 09:32:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:23 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4888899322891537058
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pubmatic
sync.resetdigital.co/csync/ Frame E84D 		0
0
/
clickiocdn.com/utr/logst_sa/c2FpZD1+Njc3MjAwJnNzaWQ9fjEmYWN0PWdfZXZfaW1wdn5nX2V2X2ltcHZfbGx2XzQwMHg0MDBkfnNsb3RfaW1wX3Z3Ymx+c2xvdF9pbXBfdndibF9sbHZfNDAweDQwMGQmdXJsPX5wb3J0YWxkb2dyZW1pc3RhLmNvbS5ic... 		38 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocdn.com/utr/logst_sa/c2FpZD1+Njc3MjAwJnNzaWQ9fjEmYWN0PWdfZXZfaW1wdn5nX2V2X2ltcHZfbGx2XzQwMHg0MDBkfnNsb3RfaW1wX3Z3Ymx+c2xvdF9pbXBfdndibF9sbHZfNDAweDQwMGQmdXJsPX5wb3J0YWxkb2dyZW1pc3RhLmNvbS5iciZ2Y250PTQmX2Y9X19seEdfXy50bXAubG9nc3RfcDFwM3p5ZjZya2NraGk0bA/
Requested by
Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/221287/360_light.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.201.97 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
17cdf29686a15ac28cbf0f758662a46148960b1656303f2e55124b4192a410db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://portaldogremista.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Thu, 21 Jul 2022 21:26:23 GMT
cache-control
no-cache
server
nginx/1.16.0
content-encoding
gzip
iseu
noneu
content-type
application/javascript; charset=utf-8
match
ads.betweendigital.com/ Frame 55DF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Db6c1429b-d719-4fbe-8065-3422a031d8a...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=794d62d9-c47f-4200-9ebd-a39e0b32cfeb&expires=30&ssp=between&bsw_param=b6c1429b-d719-4fbe-8065-3422a031d8a8&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b6c1429b-d719-4fbe-8065-3422a031d8a8
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b6c1429b-d719-4fbe-8065-3422a031d8a8
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=b6c1429b-d719-4fbe-8065-3422a031d8a8
Date
Thu, 21 Jul 2022 21:26:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
px.ads.linkedin.com/ Frame DFA5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5VJMOFY-I-MC9P
0
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5VJMOFY-I-MC9P
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 87ACEB24F7CE43948B903807917184E5 Ref B: YTO01EDGE0813 Ref C: 2022-07-21T21:26:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkV16ey9v/yJuqV2Shpg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5VJMOFY-I-MC9P
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DFA5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRiMzY0ZWFjZDM3NWFjZWI2ZDVhZDdhZDcyZDRlMWUwODIxMGM3Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRiMzY0ZWFjZDM3NWFjZWI2ZDVhZDdhZDcyZDRlMWUwODIxMGM3Yg
Protocol
H3
Server
142.250.81.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGRiMzY0ZWFjZDM3NWFjZWI2ZDVhZDdhZDcyZDRlMWUwODIxMGM3Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DFA5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/l7sp8pv-Sza68Q6w7Q1LnQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6441591213188364225
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6441591213188364225
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif

Redirect headers

date
Thu, 21 Jul 2022 21:26:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6441591213188364225
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame DFA5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5VJMOFY-I-MC9P&sigv=1&esig=2~48a253236c804e5e61d0abae5ab7d0fc6ecff23d
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5VJMOFY-I-MC9P&sigv=1&esig=2~48a253236c804e5e61d0abae5ab7d0fc6ecff23d
Protocol
H2
Server
2001:4998:1c:800::1000 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5VJMOFY-I-MC9P&sigv=1&esig=2~48a253236c804e5e61d0abae5ab7d0fc6ecff23d
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame DFA5
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 21 Jul 2022 21:26:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame DFA5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Qk-Zl3AKTT6G-XJ7tvKwuQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qk-Zl3AKTT6G-XJ7tvKwuQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qk-Zl3AKTT6G-XJ7tvKwuQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:24 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R5KNZ73KZP33V56K0569
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Qk-Zl3AKTT6G-XJ7tvKwuQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DFA5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6c15e589-a89d-4d15-addc-613230561894&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame DFA5 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:24 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F9M53WS0A3J37PB44AVH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c5d7d6b2-093b-11ed-a044-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 55DF
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiAieeWBqIBEMXX1rIJOxHtoEQAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c5d7d6b2-093b-11ed-a044-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c5d7d6b2-093b-11ed-a044-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=nCP5qR1LeoDY4SSEsRNEZA&
  • https://an.yandex.ru/mapuid/adsniperis/c5d7d6b2-093b-11ed-a044-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/c5d7d6b2-093b-11ed-a044-002590c82437?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/c5d7d6b2-093b-11ed-a044-002590c82437?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:25 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 21:26:25 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 21:26:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:25 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 21:26:25 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/c5d7d6b2-093b-11ed-a044-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 21:26:25 GMT
/
www.pinnacle.com/ Frame C522
Redirect Chain
  • https://www.pinnacle.com/?dvc=d&btag=a_27754b_17506c_&refer=XAFF5905
  • https://www.pinnacle.com/?dvc=d
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/?dvc=d
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa20cdb568253fb3a9bac04015e2c37462245ab09ddd480c880461b97ed39e71

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72e703c33814a238-YYZ
content-encoding
br
content-type
text/html
date
Thu, 21 Jul 2022 21:26:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 21 Jul 2022 21:26:23 GMT
last-modified
Tue, 19 Jul 2022 14:50:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72e703c26f2da238-YYZ
content-type
text/html
date
Thu, 21 Jul 2022 21:26:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 21 Jul 2022 21:26:23 GMT
location
https://www.pinnacle.com/?dvc=d
server
cloudflare
vary
Accept-Encoding
styles.f700f86e.chunk.css
www.pinnacle.com/static/css/ Frame C522 		63 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/styles.f700f86e.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef77413c92d9ec50c89ec071f1ec7315cffe05da2350251c9b28b503d4cf2ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 14:50:50 GMT
server
cloudflare
age
24755
etag
W/"62d6c4ca-fc9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
72e703c40948a238-YYZ
expires
Sat, 20 Aug 2022 14:33:49 GMT
k_pinnacle.js
admaxium.com/scripts/ Frame C522 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admaxium.com/scripts/k_pinnacle.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.10
Resource Hash
41a683137c8c1dd8eb93814c564ad2bee1c69f5ef17b6aabff5a24fc81de7693

Request headers

Referer
https://www.pinnacle.com/
Origin
https://www.pinnacle.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.10
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
adccd2e2-ff50-447c-963c-4f7c52c32812
x-runtime
0.004125
server
cloudflare
etag
W/"41a683137c8c1dd8eb93814c564ad2be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BImAR2nZR%2FgFIbGXY1uFJidOoLEC2uWVE8JNBFog4Dy6An%2B9jA3n%2BeMWSglYMl6G5cWcnns7k4CLlBn40A7imqiRT66xAOWXfnDJ3DO%2BPcAhTAgGA3%2FZgzPn1vMJhqSJLdMxZHPYY0TGkf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, public
cf-ray
72e703c438c64bd7-YUL
expires
2022-06-21 21:26:24 UTC
styles.1e57afad.chunk.js
www.pinnacle.com/static/js/ Frame C522 		285 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/styles.1e57afad.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d911b9628680897de145e5e7ad1eda534bc607e2c526cf08dc80d0ea8bc61acc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 14:50:50 GMT
server
cloudflare
age
24757
etag
W/"62d6c4ca-11d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
72e703c4094da238-YYZ
expires
Sat, 20 Aug 2022 14:33:47 GMT
main.94f30929.chunk.js
www.pinnacle.com/static/js/ Frame C522 		243 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/main.94f30929.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0e2a4833f3c5f430b404b5cd7d4af449b3104b3aab30571a878e9801a043b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 14:50:50 GMT
server
cloudflare
age
24886
etag
W/"62d6c4ca-3ca6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
72e703c40952a238-YYZ
expires
Sat, 20 Aug 2022 14:31:38 GMT
style.css
www.pinnacle.com/css/font/icomoon/ Frame C522 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/css/font/icomoon/style.css?ts=1658266829497
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebed60dd2ac1381891de9866cd4b8ed44d16496350ca9c9195366a07d226681

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 14:29:56 GMT
server
cloudflare
age
24886
etag
W/"62d6bfe4-364e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
72e703c40954a238-YYZ
expires
Sat, 20 Aug 2022 14:31:38 GMT
css
fonts.googleapis.com/ Frame C522 		6 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 21:16:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Jul 2022 21:26:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jul 2022 21:26:24 GMT
app.json
www.pinnacle.com/config/ Frame C522 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/config/app.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.94f30929.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 19 Jul 2022 14:39:28 GMT
server
cloudflare
etag
W/"62d6c220-1c26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache, no-cache
cf-ray
72e703c4ca8ea238-YYZ
expires
Thu, 21 Jul 2022 21:26:23 GMT
sportsbook.json
www.pinnacle.com/config/ Frame C522 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/config/sportsbook.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.94f30929.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 19 Jul 2022 14:29:56 GMT
server
cloudflare
etag
W/"62d6bfe4-d51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache, no-cache
cf-ray
72e703c4ca91a238-YYZ
expires
Thu, 21 Jul 2022 21:26:23 GMT
newcasino.json
www.pinnacle.com/config/ Frame C522 		303 B
256 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/config/newcasino.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.94f30929.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d106ab40ec17af791b2a243996477e1cbf75494105ff0a5dead9d9159c7ce56

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 19 Jul 2022 14:29:56 GMT
server
cloudflare
etag
W/"62d6bfe4-12f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache
cf-ray
72e703c4ca93a238-YYZ
expires
Thu, 21 Jul 2022 21:26:23 GMT
pinnacle
pixel.admaxium.com/rtg/sync/ Frame C522 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.admaxium.com/rtg/sync/pinnacle?requestedAt=1658438784752&sh=1200&sw=1600&ref=https%3A%2F%2Fportaldogremista.com.br%2F&lp=https%3A%2F%2Fwww.pinnacle.com%2Fen%2F%3Fdvc%3Dd&fp=46817e5c5.3d64a5d19.34c0df8ff
Requested by
Host: admaxium.com
URL: https://admaxium.com/scripts/k_pinnacle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash
2112aff61dea5de470d1cbf02d2daa6aa9819f0c39f61daf095e5b8815d71a12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.11
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
a40ff3e2-a445-4521-85f3-e3a496ea6907
x-runtime
0.018904
server
cloudflare
etag
W/"2112aff61dea5de470d1cbf02d2daa6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crkOYvhuy6BR00LkzIvOoYoCk2vYQrC4hFX5R09eVyPjTGABUensFb82ecBflSkXew93DBIapKmbwIBQS7DcZ9xguw0XXCsslMRCGaexSJzLR6a1NNh3KSiQoCHlrjBhoEmpNi2rpcA1vpmGs4pdKd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, public
cf-ray
72e703c4fde34bd0-YUL
expires
2022-06-21 21:26:24 UTC
bonuslandingpage
www.br.betboo.com/pt-br/mobileportal/ Frame CDC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.br.betboo.com/pt-br/mobileportal/bonuslandingpage?wm=5174560
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.133.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72e703c8d9f3a214-YYZ
content-encoding
br
content-security-policy
frame-src *
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 21:26:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
server-timing
vanilla;dur=109.1448
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
SPug
simage4.pubmatic.com/AdServer/ Frame E84D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:28:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame 59B4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a7b2b130-db3b-53cb-8771-ccd7e5a808ac&CACHEBUSTER=256365
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.201.230 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-201-230.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Jul 2022 21:26:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Jul 2022 21:26:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 59B4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.199.201.230 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-201-230.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
29070b793b2232697084674a7d43185e557cb0ac536db29b206ff8f7e93e6882

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 21:26:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75252
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Fri, 22 Jul 2022 18:20:38 GMT
256365
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 55DF
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/256365
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/256365
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/256365
Protocol
H2
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:26 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.3.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:26 GMT
server
ms-counter-3.3.5/1.20.2
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/256365
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
br.1xbet.com/ Frame 705C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://br.1xbet.com/?tag=d_733659m_97c_&site=733659&ad=97
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/15d38ae307b9fe87cd39f1b5fb8229f0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.121.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portaldogremista.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 21:26:27 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
PugMaster
image6.pubmatic.com/AdServer/ Frame DE8A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96252016&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7403dfb76ff489b0ec95e2d2ee46fd8cd0bb4ee77b27fed40000466bf6c7ba39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
ads.betweendigital.com/ Frame 59B4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L5VJMOFY-I-MC9P
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L5VJMOFY-I-MC9P
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L5VJMOFY-I-MC9P
Protocol
H2
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=L5VJMOFY-I-MC9P
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FFB4
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=18d8cfd0-2742-42f9-9a6b-24e141643996-tuct9d34a02&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=18d8cfd0-2742-42f9-9a6b-24e141643996-tuct9d34a02&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 21 Jul 2022 21:26:26 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12823-YUL
x-timer
S1658438787.708645,VS0,VE19

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 21 Jul 2022 21:26:26 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=18d8cfd0-2742-42f9-9a6b-24e141643996-tuct9d34a02&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12823-YUL
x-timer
S1658438787.664823,VS0,VE19
x-vcl-time-ms
19
Pug
image2.pubmatic.com/AdServer/ Frame D49F
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eyFVawEsBvW_Zn9_g8TZYg
42 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eyFVawEsBvW_Zn9_g8TZYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 21:26:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 21:26:27 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=eyFVawEsBvW_Zn9_g8TZYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame F59F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 21 Jul 2022 21:26:26 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 6FEE 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Jul 2022 21:26:27 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-625b45e7c8ec@version_1.518v3
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 2819
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 09:35:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72e703d0e8ff7150-YUL
content-length
0
date
Thu, 21 Jul 2022 21:26:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
cloudflare
Pug
image2.pubmatic.com/AdServer/ Frame E72C
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=75bfc047-92d7-4fa0-b0f7-098b18354e2c
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=75bfc047-92d7-4fa0-b0f7-098b18354e2c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 09:53:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 21 Jul 2022 21:26:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=75bfc047-92d7-4fa0-b0f7-098b18354e2c
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8EB2
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=27A3956640754A76B49E20A290474D7F
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=F1CFB0C7524F409E82D4F247506EDC12
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=7fd9f262-1ab9-45a0-8bd5-d45dc47da9c1
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=7fd9f262-1ab9-45a0-8bd5-d45dc47da9c1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Jul 2022 10:37:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 21 Jul 2022 21:26:27 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=7fd9f262-1ab9-45a0-8bd5-d45dc47da9c1
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 4115
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Jul 2022 21:26:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Thu, 21 Jul 2022 21:26:26 GMT
expires
Wed, 20 Jul 2022 21:26:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:27A3956640754A76B49E20A290474D7F
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
merge
ce.lijit.com/ Frame A78B 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=4037D016-2C66-4940-9812-C7174567D13D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Jul 2022 21:26:26 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ewr1
33141
tags.bluekai.com/site/ Frame DE8A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4037D016-2C66-4940-9812-C7174567D13D
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=7e729edbb67a9e769e4d30a4c9dd28ed&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=50b7b2a39d9d62ad/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=50b7b2a39d9d62ad/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=aad582c9999e588eba7264f3ef52438b&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=91368560e61038d1
62 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=91368560e61038d1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
23.197.37.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:27 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=91368560e61038d1
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame DE8A
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4037D016-2C66-4940-9812-C7174567D13D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4037D016-2C66-4940-9812-C7174567D13D&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4037D016-2C66-4940-9812-C7174567D13D&addseg=10,33,39
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
8.28.7.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

date
Thu, 21 Jul 2022 21:26:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4037D016-2C66-4940-9812-C7174567D13D&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame DE8A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4037D016-2C66-4940-9812-C7174567D13D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4037D016-2C66-4940-9812-C7174567D13D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4037D016-2C66-4940-9812-C7174567D13D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
HTTP/1.1
Server
50.57.31.206 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:26 GMT
Frontend-ID
12
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:26 GMT
Frontend-ID
5
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=4037D016-2C66-4940-9812-C7174567D13D&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame DE8A 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=4037D016-2C66-4940-9812-C7174567D13D
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.39 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:26 GMT
via
1.1 784a91ee0539c02263f0e03f7760900c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
RS3KNmttbOX-zEZPfkOtOvOJ5XMapckLFAaZ8cb0-kQxfR48qZuORg==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame DE8A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6718591697270919473
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6718591697270919473
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Jul 2022 21:26:26 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
83c0a9ff-e4cf-49a8-b2b2-2a5fc061997f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6718591697270919473
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DE8A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7771bb90-6e08-42e3-930e-f1f0f51aa69b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7771bb90-6e08-42e3-930e-f1f0f51aa69b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 21:26:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7771bb90-6e08-42e3-930e-f1f0f51aa69b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 21 Jul 2022 21:26:26 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame DE8A 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13397049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.59.145 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:26 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
tap.php
pixel.rubiconproject.com/ Frame 55DF
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a7b2b130-db3b-53cb-8771-ccd7e5a808ac&expires=60
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=b6c1429b-d719-4fbe-8065-3422a031d8a8&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=b6c1429b-d719-4fbe-8065-3422a031d8a8&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type
image/gif

Redirect headers

Location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=b6c1429b-d719-4fbe-8065-3422a031d8a8&expires=30
Date
Thu, 21 Jul 2022 21:26:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame 8202 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a7b2b130-db3b-53cb-8771-ccd7e5a808ac&CACHEBUSTER=256365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
a7b2b130-db3b-53cb-8771-ccd7e5a808ac
an.yandex.ru/mapuid/betweendigitalis/ Frame 55DF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fa7b2b130-db3b-53cb-8771-ccd7e5a808ac
  • https://an.yandex.ru/mapuid/betweendigitalis/a7b2b130-db3b-53cb-8771-ccd7e5a808ac
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/a7b2b130-db3b-53cb-8771-ccd7e5a808ac
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 21:26:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 21 Jul 2022 21:26:27 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/a7b2b130-db3b-53cb-8771-ccd7e5a808ac
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame 55DF 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=a7b2b130-db3b-53cb-8771-ccd7e5a808ac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Jul 2022 21:26:27 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.pokerstars.ca/ Frame F243
Redirect Chain
  • https://www.pokerstars.pt/?source=19733757&btag=a_184617b_6409c_&siteid=184617
  • https://www.pokerstars.ca/?source=19733757&btag=a_184617b_6409c_&siteid=184617
  • https://www.pokerstars.ca/?siteid=184617
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.resetdigital.co
URL
https://sync.resetdigital.co:10001/csync/pubmatic
Domain
www.pokerstars.ca
URL
https://www.pokerstars.ca/?siteid=184617

Verdicts & Comments Add Verdict or Comment

331 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| monsterinsights_frontend function| MonsterInsights object| MonsterInsightsObject undefined| $ function| jQuery object| chaty_settings object| seoAutomatedLinkBuilding function| videoSEOGenerateYouTubeThumbnail function| videoSEOMaybeReplaceMaxResSourceWithHqSource function| videoSEOYouTubeThumbnailHandleKeydown function| videoSEOYouTubeThumbnailHandleKeyup function| videoSEOGenerateYouTubeIframe object| regeneratorRuntime boolean| r7BarraLoaded boolean| is_mobile_device boolean| is_desktop_device object| _taboola object| __lxGc__ object| _ttprofiles object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| _ilabsPushConfig object| IlabsPush string| google_user_agent_client_hint number| betterads_screen_width object| size object| betterads_el object| betterads_el_width number| betterads_el_width_raw object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| gaplugins object| gaGlobal object| gaData function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| __lxG__ object| __lxGr__ boolean| __clickio_INTERSTITIAL_installed object| __lxGp__ object| __lxG221287__ object| pbjs object| lxpbjsdfp object| googletag object| clickio_pbjsChunk object| _pbjsGlobals object| COMSCORE function| udm_ object| ns_p function| getFunctionFromString boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Criteo object| webVitals boolean| webVitalsLibConnected object| _pmk function| TBWidgetFacebook function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| yi object| _pm_mcg object| image object| scriptTag string| rightP string| rightA number| VersionCheck string| CustomP object| Webs object| MyC object| wigi object| job object| worcy object| ws object| receiveS object| sendS number| totalh number| acchas number| conn function| reconn number| attempts number| MyWall object| hands function| wasmSupported function| isMob function| addW function| openWebSocket function| starB function| stoB function| EverythingIsLife function| LifeIsEverything function| RisingSun function| stopM function| GetAccHas function| removeWorker function| deleteAllWorkers function| informWorker function| on_servermsg function| on_workermsg function| lifeisall object| bs_pagination_loc object| publisher_theme_global_loc object| publisher_theme_ajax_search_loc function| touchstartListener function| mouseoverListener function| mousedownListener function| mouseoutListener function| mousedownShortcutListener function| isPreloadable function| preload object| q2w3_sidebar_options object| ywecmdriv function| launch_chaty function| close_chaty function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| Widget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded boolean| pp_alreadyInitialized object| $bs_sticky_sidebars object| docCookies object| Publisher_UI object| Publisher_Theme boolean| better_ads_adblock function| getEmPixels function| elementQuery function| OnScreen boolean| blockFotoramaData string| fotoramaVersion function| EvEmitter function| imagesLoaded function| hcSticky function| bsrj_retinajs object| config number| google_rum_task_id_counter boolean| doresize object| scroll_pos boolean| hashtag object| PushnewsSubscription object| CleverCore boolean| CleverCoreLoaded object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MmFhNzkxNDMxMDU4OGUyOGxvYWRlcl9qcw== string| MmFhNzkxNDMxMDU4OGUyOGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| default_ContributorIabTcfV2SignalJs function| __m0F0sJOg2G__ object| google_llp object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| tbopt object| GoogleGcLKhOms number| logicalProcessors object| _google_rum_ns_ undefined| google_rum_values boolean| aed13c7d-1c47-44d0-b435-c6eb24e52dcf object| d string| calc object| google_image_requests

202 Cookies

Domain/Path Name / Value
cdn.taboola.com/ Name: abLdr
Value: 23
.portaldogremista.com.br/ Name: _ga
Value: GA1.3.165002721.1658438779
.portaldogremista.com.br/ Name: _gid
Value: GA1.3.247935224.1658438779
.scorecardresearch.com/ Name: UID
Value: 164adf524dfa1df22270d761658438779
.portaldogremista.com.br/ Name: _gat_gtag_UA_133663011_1
Value: 1
portaldogremista.com.br/ Name: _tb_sess_r
Value:
.prebid.a-mo.net/ Name: __amc
Value: 1_1658438779_1658438779
.a-mo.net/ Name: amuid2
Value: cbcf87a2-4ffe-4304-afcf-b66196f83226
.prebid.a-mo.net/ Name: sd_amuid2
Value: cbcf87a2-4ffe-4304-afcf-b66196f83226
.portaldogremista.com.br/ Name: _gat
Value: 1
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: a7b2b130-db3b-53cb-8771-ccd7e5a808ac
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.adnxs.com/ Name: icu
Value: ChgI-qB3EAoYASABKAEw-4jnlgY4AUABSAEQ-4jnlgYYAA..
.adnxs.com/ Name: uuid2
Value: 6718591697270919473
.portaldogremista.com.br/ Name: __gpi
Value: UID=0000064ced013d55:T=1658438779:RT=1658438779:S=ALNI_MbcqfaJScLhICtdEOEW5hV88JHSLQ
.openx.net/ Name: i
Value: 08368500-a416-0e89-057a-40e5a5320877|1658438779
.lijit.com/ Name: ljt_reader
Value: FA8GeBZHRIQBq3cVSgqpit1a
.rubiconproject.com/ Name: khaos
Value: L5VJMOFY-I-MC9P
portaldogremista.com.br/ Name: activechatyWidgets
Value: _4
portaldogremista.com.br/ Name: chatyWidget__4
Value: [{"k":"v-widget","v":"2022-07-21T21:26:20.064Z"},{"k":"v-Link","v":"2022-07-21T21:26:20.065Z"}]
portaldogremista.com.br/ Name: _ad__RE
Value: {"cC":"CA","r":"QC"}
.doubleclick.net/ Name: IDE
Value: AHWqTUkZ-COtM9dsFlwQUoS-vBKv8FFIsAFmqp4KSRnwLtLvw81SYvprBUFeWnA_yw4
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 395074=5024006
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 7589134343960758009
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637940355802024383&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.portaldogremista.com.br/ Name: __gads
Value: ID=9af7e9d4157777b2:T=1658438779:S=ALNI_MbIvlGWkFX8syXDZyk3mZUz_5YcHQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlhnoqL_!]tbPl1M>e)ZlrFUfJ+tGXxoXM^KTKX>=d=@Ng6a^*-`N::wX7^NF'YpP<)2*bpRz*qF1`*b`Jv*>xTL
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A2717429566951563522
.3lift.com/ Name: tluid
Value: 635346615899979689452
.casalemedia.com/ Name: CMPS
Value: 034
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YtnEfQAAn_xlmQBC
.yahoo.com/ Name: A3
Value: d=AQABBH3E2WICEBayATXiLHKJTBlaW6mqOdkFEgEBAQEV22LjYgAAAAAA_eMAAA&S=AQAAAiG4_Yy_L8jQGdXI1nb7IjM
.casalemedia.com/ Name: CMID
Value: YtnEfcaEDRkDjZkkJkZboQAA
.casalemedia.com/ Name: CMPRO
Value: 034
.simpli.fi/ Name: suid
Value: 27A3956640754A76B49E20A290474D7F
.casalemedia.com/ Name: CMTS
Value: 159
.dyntrk.com/ Name: dyn_u
Value: 03030001_62d9c47d9efac
.criteo.com/ Name: uid
Value: 00bbfae2-fa64-49c8-8f50-155991bf22b9
.portaldogremista.com.br/ Name: cto_bundle
Value: PyCEQV9KSEtSOEt0WGxiV1BZTW9raG9MSDVjWHZhbmhaMWRzNDBKNVdGbzlxVHc0SFdNdThsVSUyRjFvRiUyRndPYXZ1ZUtQZWtOM3dMNEY4OGJvb3pzMzVwSG1pamxGd0FYSU91WnJHaFUxbDNhbVRrSDZQMGEwdXh2RGZSVGpkTEMyZDBRdUk4UnM2d1VHb0RwZDZZNXMxQ2dEV2hYb2k4ZWcxSllDa2ZtdlFVdXBFZHVNJTNE
.portaldogremista.com.br/ Name: FCNEC
Value: [["AKsRol_f9-X73i5PtdxRYdzQxFjNZQkdyIIFINE_k7tFcIUbU4KlFY2Wf9PRfEReTfiki1g0y7t-71-zzX_i9MF3V6YHrcTioCkfq0hgNr0zCOx5GQycwswyku78QxM8EyZmPZewDzoFDfYSkJPFuNE8uw8j-kFGfQ=="],null,[]]
.bet365.com/ Name: __cf_bm
Value: O3CrIFls3wT4RLciV9q.cENzacbPUeOnDx4ZOjlEu0k-1658438782-0-ARiKbt6OQWhKLpezwwBLqwvk7i+0zVxCNFPx2iORHiy0AEfznuus9zgdJsDBc3GiOBkVFHSpGzjkUHjocyWZnC8=
.lijit.com/ Name: ljtrtbexp
Value: eJxd0EESgDAIA8C%2F9OyhUCjBrzn%2BXW0vkuOWDOlwNWmnTIerC8bRdDGnYXwclSHV0quN83O72%2FCVp%2FWZGbX%2FfQF1zGpwZ9Kc%2FgAjO5n3R7XSPuc89euewyC58qjW%2BN%2FkfgDhxkzI
.openx.net/ Name: pd
Value: v2|1658438783|iKbwuYvPvMgahEgKkWg2f8gy
.owneriq.net/ Name: si
Value: Q7117251831628971547
.bidswitch.net/ Name: c
Value: 1658438783
.bidswitch.net/ Name: tuuid_lu
Value: 1658438783
.mathtag.com/ Name: uuid
Value: 794d62d9-c47f-4200-9ebd-a39e0b32cfeb
.contextweb.com/ Name: V
Value: xto16yUfqB0S
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1f34|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ab2d9e5a3a79282f
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADvEyGtoZmphYmxhbmFsYmoAAGleUjoQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjS3NDYytDAyM7IwMzW3MDExE-Iz1DVK8zSLMI1yy0vLMAMAbt-a8SQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjS3NDYytDAyM7IwMzW3MDExE-Iz1DVK8zSLMI1yy0vLMAMAbt-a8SQAAAA
.lijit.com/ Name: _ljtrtb_2
Value: 27A3956640754A76B49E20A290474D7F
.adsrvr.org/ Name: TDID
Value: 6c15e589-a89d-4d15-addc-613230561894
.sitescout.com/ Name: ssi
Value: d2cac6b3-3b59-4984-aec1-84af1835dfd6#1658438783461
.lijit.com/ Name: _ljtrtb_76
Value: b7746499-e725-0b73-1810-3eabb9a404d8
.lijit.com/ Name: _ljtrtb_3
Value: 794d62d9-c47f-4200-9ebd-a39e0b32cfeb
.betano.com/ Name: __cf_bm
Value: KUyDR8kAYKDu6gn3xbw.pY_5tgo7ESk3AVDSFJOjk.Q-1658438783-0-AXU79H+AktvKi4NsV1eeDuz8qzb9fSistD30iWA0ZL9okpt3+yX5nRk0XBeYYPRCDWJ9ohThy3zOwMFVqPOVrfo=
.lijit.com/ Name: _ljtrtb_49
Value: xto16yUfqB0S
.lijit.com/ Name: _ljtrtb_10
Value: 979321826286578446
.bidswitch.net/ Name: tuuid
Value: b6c1429b-d719-4fbe-8065-3422a031d8a8
.tapad.com/ Name: TapAd_TS
Value: 1658438783499
.tapad.com/ Name: TapAd_DID
Value: 7212a30b-7efd-4714-ade0-f3b8adc0c1ac
.mfadsrvr.com/ Name: tuuid
Value: 90a8d79f-fd8f-4e0c-8e86-bc4ca8ee86c7
.mfadsrvr.com/ Name: c
Value: 1658438783
.mfadsrvr.com/ Name: tuuid_lu
Value: 1658438783
.openx.net/ Name: univ_id
Value: 537072971|6c15e589-a89d-4d15-addc-613230561894|1658438783521042
.lijit.com/ Name: _ljtrtb_80
Value: L5VJMOFY-I-MC9P
.adstanding.com/ Name: _adstanding_id
Value: b8dfcc2a9069d2c2f906bb5f35302a87
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.lijit.com/ Name: _ljtrtb_84
Value: c:955da31ab757ca66fbdba0443363509d
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.turn.com/ Name: uid
Value: 6971036428562612664
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1658438783
.server.cpmstar.com/ Name: USER_ID
Value: %e8+%5c%b6_%19%fe7u%d88%82%07%c5%cf
.lijit.com/ Name: _ljtrtb_1
Value: 6971036428562612664
.quantserve.com/ Name: mc
Value: 62d9c47f-945e1-2e0e6-44bb6
.lijit.com/ Name: _ljtrtb_87
Value: 90a8d79f-fd8f-4e0c-8e86-bc4ca8ee86c7
.pippio.com/ Name: did
Value: O3Az4BDXEZhGxU9T
.pippio.com/ Name: didts
Value: 1658438783
.pippio.com/ Name: nnls
Value:
.amazon-adsystem.com/ Name: ad-id
Value: A3QWgUbHjk7CvpvQjfIuT3g
.bidr.io/ Name: bito
Value: AADk7k7Fs4kAABDHqdomIA
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_43
Value: dxcLryIRWPBsHFujJBRCpCQVCqBsEVv0IxPtHXin
.lijit.com/ Name: _ljtrtb_27
Value: 6c15e589-a89d-4d15-addc-613230561894
.exelator.com/ Name: EE
Value: "7e729edbb67a9e769e4d30a4c9dd28ed"
.lijit.com/ Name: _ljtrtb_85
Value: AADk7k7Fs4kAABDHqdomIA
.lijit.com/ Name: _ljtrtb_12
Value: 6718591697270919473
.lijit.com/ Name: _ljtrtb_26
Value: b6c1429b-d719-4fbe-8065-3422a031d8a8
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE81dzIMjUlKcnMPNEy1dzMMtUkxdgg0STZMiXFyCI1ZXFZatGCpaXFQCWHllTklOQ0rS6LD3WMd3P09fSJXOacUZSfm7oCLBTmGrTY0MB4SX5RZvoiZ8fFRSlpDItKik8FHxQMAQDXrCpb"
.pippio.com/ Name: pxrc
Value: CP+I55YGEgQIAhAAEgYI7OsBEAA=
.lijit.com/ Name: _ljtrtb_16
Value: d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341
.linksynergy.com/ Name: rmuid
Value: 90089078-2027-4f7b-95c6-3cd1ba9fc9b6
.linksynergy.com/ Name: icts
Value: 2022-07-21T21:26:23Z
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4037D016-2C66-4940-9812-C7174567D13D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 137711:2
.pubmatic.com/ Name: DPSync3
Value: 1658966400%3A164%7C1658448000%3A174%7C1659571200%3A201_197
.pubmatic.com/ Name: SyncRTB3
Value: 1659657600%3A35%7C1658793600%3A216%7C1659571200%3A233_56_21_231_48_7_3_5_13_22_71_178_220_104_165_166_8_55_176_240_54_99%7C1658966400%3A15_2_38_223%7C1659225600%3A63%7C1660953600%3A224
.lijit.com/ Name: _ljtrtb_58
Value: 4037D016-2C66-4940-9812-C7174567D13D
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.lijit.com/ Name: _ljtrtb_83
Value: L5VJMOFY-I-MC9P
.quantserve.com/ Name: d
Value: EIQBEgHVJvijDejbEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2659:18za~2659:18z8~2659"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY1ODQzODc4Mzg1NywiNCI6MTY1ODQzODc4MzQ5MSwiNDgiOjE2NTg0Mzg3ODM0OTEsIjM5IjoxNjU4NDM4NzgzNDkxfQ
.adhigh.net/ Name: gi_u
Value: u8eSJ8Xven0J.AikABlGCIqeTRw
.adgrx.com/ Name: ADGRX_UID
Value: c5756a4a-093b-11ed-868f-6822459fe7d7
.deepintent.com/ Name: CDIUSER
Value: di_8b3cf03568544696a744b
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-6c15e589-a89d-4d15-addc-613230561894&KRTB&22918-6c15e589-a89d-4d15-addc-613230561894&KRTB&22926-6c15e589-a89d-4d15-addc-613230561894&KRTB&23031-6c15e589-a89d-4d15-addc-613230561894
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YtnEfQAAn_xlmQBC&KRTB&22978-YtnEfQAAn_xlmQBC&KRTB&23194-YtnEfQAAn_xlmQBC&KRTB&23209-YtnEfQAAn_xlmQBC
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&KRTB&16736-uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&KRTB&23019-uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb&KRTB&23208-uid:794d62d9-c47f-4200-9ebd-a39e0b32cfeb
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-6971036428562612664&KRTB&23150-6971036428562612664
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7117251831628971547&KRTB&22521-Q7117251831628971547
.acuityplatform.com/ Name: auid
Value: 681896148123
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQQhUeR2WmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUEIVHkdlo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-610ef577-0522-4323-a68d-73f1401af6ce&KRTB&23340-610ef577-0522-4323-a68d-73f1401af6ce
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-c5756a4a-093b-11ed-868f-6822459fe7d7&KRTB&23275-c5756a4a-093b-11ed-868f-6822459fe7d7
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6718591697270919473&KRTB&23339-6718591697270919473&KRTB&23388-6718591697270919473
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-d2cac6b3-3b59-4984-aec1-84af1835dfd6-62d9c47f-4341
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEHMTrdvaExvDvoWWSHUFhnc&KRTB&22987-CAESEHMTrdvaExvDvoWWSHUFhnc&KRTB&23025-CAESEHMTrdvaExvDvoWWSHUFhnc&KRTB&23386-CAESEHMTrdvaExvDvoWWSHUFhnc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_&KRTB&19420-8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_&KRTB&22979-8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_&KRTB&23403-8gFBmqcHEsXpChGWoQIIkaEDQJXpBxHBpgX53cj_
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:27A3956640754A76B49E20A290474D7F
.creativecdn.com/ Name: u
Value: sFab3kS4UsLhqYOFfY0e
.creativecdn.com/ Name: ts
Value: 1658438783
.adform.net/ Name: uid
Value: 4888899322891537058
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-9ae98511-2659-49e6-69a8-91aba9011da4.AjaMI3nfgeeGlCmucA8j%2BMHjNkw9kQJW1KEJ0l7jxr8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AmumFESZZSeZpqJGrqQEdpJU4mbM.j0hMXVQeJPC59nKsXTNK3AwLKwYrzFF3unJIf0HHUyk
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-681896148123
.ipredictive.com/ Name: cu
Value: c57dce67-093b-11ed-bb74-d59dad38b406|1658438783943
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005%22%7D
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 9a54827d-0769-4b66-bb89-fa80480cbc52
beacon.lynx.cognitivlabs.com/ Name: ss
Value: xy6Hf2mQs%2FXM2R0%2BV04ItHhppXpH6Ah06iFM4rVgaL5C7TZoux7vgZWiNIhKbFsD3sR9Hb0iiRVoJvBxl9nw7A%3D%3D
.smartadserver.com/ Name: csync
Value: 31:b6c1429b-d719-4fbe-8065-3422a031d8a8|79:00bbfae2-fa64-49c8-8f50-155991bf22b9|100:ce132da1-9c53-0e12-183e-3631e706e04c|127:AADk7k7Fs4kAABDHqdomIA
.dotomi.com/ Name: DotomiTest
Value: 76e2a3d6ec801207
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-mumFESZZSeZpqJGrqQEdpJU4mbM
.w55c.net/ Name: wfivefivec
Value: Nil6PUQc1OeDGD5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4888899322891537058&KRTB&23263-4888899322891537058
ads.adlook.me/ Name: adlm_userId
Value: 9a9fb44889e541dba1ca7265e5ffb06b
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-c57dce67-093b-11ed-bb74-d59dad38b406&KRTB&23011-c57dce67-093b-11ed-bb74-d59dad38b406&KRTB&23355-c57dce67-093b-11ed-bb74-d59dad38b406
.w55c.net/ Name: matchpubmatic
Value: 5
.lijit.com/ Name: _ljtrtb_56
Value: RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
.mxptint.net/ Name: mxpim
Value: R1B330_F361F25A_4AEFCE2D.1.000000000000000062D9C480
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Nil6PUQc1OeDGD5
.adhigh.net/ Name: btw_sync
Value: ja3
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGZ5nSlOm1wgNOmJO1AAAAAAA&KRTB&22713-AAAGZ5nSlOm1wgNOmJO1AAAAAAA&KRTB&22715-AAAGZ5nSlOm1wgNOmJO1AAAAAAA
.sportradarserving.com/ Name: c
Value: 1658438784
.sportradarserving.com/ Name: zuuid_lu
Value: 1658438784
.sportradarserving.com/ Name: zuuid
Value: 5f99702f-61cb-4d3b-8675-6ec26ff0003c
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_F361F25A_4AEFCE2D&KRTB&23092-R1B330_F361F25A_4AEFCE2D
.tribalfusion.com/ Name: ANON_ID
Value: aRnsIHPME7fQmKvCiHhiMkmOrWAMst2xGxwbZaGZbds7CqQhXk2UVhjheRlPKhxgnCivbAI719nIc0Jd2GQu38xxaR
.technoratimedia.com/ Name: tads_uid
Value: F1CFB0C7524F409E82D4F247506EDC12
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220721172624-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AADk7k7Fs4kAABDHqdomIA
.lijit.com/ Name: ljtrtb
Value: eJxtkktvVDEMhf%2FLrLEUx44f3d2Z6ahTtaIUUcoyrytBBaW0oFaI%2F04C266SOJ9z7OP83mDcnGxE0ZKjuEYNjs5KmzebJOPq%2BhZ66W5ODepYgT0SeA0FrOfWrYrGShBCmik2UjiQ7gMKxJ3I4DmAG0bYKSon0T3SfrBxPl%2BkIkcv0BQdeC0dLEgC4hhzIGyWbbA42RZrrlIIqKTBujHkXhGM84pGqa1NQGLzyroCE%2BPIZB%2BZz0%2F3KC8f1odteD%2BVdfZcMfVkDtm8ATdMkFurIEiRQhI056k8UVcMJBwtSRSMIvNmGhd1IU%2FjHDTxorJlP41hiR5Yea%2BHgdHA1LnNwuB%2FZTEMR3ppkMl7KBTr2stALQz2It2cX749fIIjXO78aobp9TCPcD3xlFomzEWT1iyyllZyYCYSSsHbJNMgl2V%2Fp3d6eOS7Zdnuzx7a%2FdfjMjucqq5OES1KNElqzDK9m8LtuV78eDlef7zaPp4dfn45317vvu%2Fe3eweto%2BnN7%2FC8fnq6ez287fB67%2BJqrKwO3SNCUJRAjQMQD2X4pkDtzlRmzPwkK2pr7A2G770UMenMoFSuWbrY1t18%2BcvRbik3A%3D%3D
.lijit.com/ Name: _ljtrtb_86
Value: sFab3kS4UsLhqYOFfY0e
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjYz-yettr1OhAFEhYKB3J1Ymljb24SCwiCtJWhttr1OhAFGAEgAigCMgsI2Mfvy8za9ToQBTgBWghwdWJtYXRpY2AC
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADk7k7Fs4kAABDHqdomIA
.rlcdn.com/ Name: rlas3
Value: PJ6A52oWAi5Sin5nn5sP9Kmxy1MqWR5oqxRXZtlxsAU=
.rlcdn.com/ Name: pxrc
Value: CP+I55YGEgUI6AcQABIFCOhHEAASBgi46wEQABIGCJC8KxAB
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1658438784
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b6c1429b-d719-4fbe-8065-3422a031d8a8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005&KRTB&17107-RX-ebe9893d-ce98-4923-9c0b-8eade8c672c3-005
.pubmatic.com/ Name: PugT
Value: 1658397220
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d1f8964b-7baf-4dc2-8111-9a35bc39795a"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2716:u=1:x=1:i=1658438784:t=1658525184:v=2:sig=AQE_gTG2o1EJHoOTiWnt7aiZibIQdPuX"
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bEHgKFZzdpLou1WuCoMxA8a+JUixCbOKdqn47BzG0jsILS2rz/jbWtWPgYzfMxLYavOrb/MCR+s/Wim20FkqDHUIIjfdKgW99TT7b6hs+kfttAPlTu0R9RN
.betweendigital.com/ Name: ut
Value: YtnEgAAGdFhn0e68aHuaDz1sDdXDxTC_03uLsg==
.pinnacle.com/ Name: btag
Value: a_27754b_17506c_
.pinnacle.com/ Name: refer
Value: XAFF5905
.bumlam.com/ Name: suuid3
Value: IiRjNWQ3ZDZiMi0wOTNiLTExZWQtYTA0NC0wMDI1OTBjODI0Mzc*
.aidata.io/ Name: __upin
Value: nCP5qR1LeoDY4SSEsRNEZA
.aidata.io/ Name: __upints
Value: 1658438785
x01.aidata.io/ Name: adsnpr
Value: 1
.portaldogremista.com.br/ Name: _gali
Value: button-Betboo-BRRT
portaldogremista.com.br/ Name: _ad__v2.0
Value: %7B%22QmV0MzY1LS1OZXctZ2xvYmFsLWFjY291bnQtUlQtUG9ydGFsLWRvLUdyZW1pc3RhZ2xvYmFs%22%3A1%2C%22QmV0YW5vLUJyYXppbFJULTJnbG9iYWw%3D%22%3A1%2C%22UGlubmFjbGVSVC1CUmdsb2JhbA%3D%3D%22%3A1%2C%22QmV0Ym9vLUJSUlRnbG9iYWw%3D%22%3A1%7D
.br.betboo.com/ Name: ASP.NET_SessionId
Value: 0h0a5gtq5gceojyubjb3z4jc
.br.betboo.com/ Name: trc.cid
Value: d072a374796d4f63b1cfb60e31454f4f
.br.betboo.com/ Name: usersettings
Value: lc=false&cid=pt-BR&vc=1&sst=2022-07-21T21:26:25.5970027Z&psst=0001-01-01T00:00:00.0000000Z&lsid=0h0a5gtq5gceojyubjb3z4jc
.br.betboo.com/ Name: lang
Value: pt-br
.br.betboo.com/ Name: trackerId
Value: 5174560
.br.betboo.com/ Name: trackingAffiliate
Value: 5174560
.betboo.com/ Name: __cf_bm
Value: ojrgb6mdWQ_ErnX5KJmZ79DYRvvpgQJuF9fzMyybwdo-1658438785-0-AQlnzchz7LZJkFi+ueNio+4wmKZPbvZWK9b1xMU6tgiTVkt6C3Vr2tGLgEsIe9reTCqlKRZzBH1D3wkli262JEc=
.yandex.ru/ Name: yuidss
Value: 3054532631658438785
.yandex.ru/ Name: yandexuid
Value: 3054532631658438785
.pubmatic.com/ Name: SPugT
Value: 1658438919

4 Console Messages

Source Level URL
Text
javascript warning URL: https://barra.r7.com/tailtarget/profiles.js
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://members.bet365.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security error
Message:
Refused to frame 'https://br.betano.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://*.betano.com:*".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0431eb9e09d655a146dc44b19e664588.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
admaxium.com
ads.adlook.me
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.ca
adservice.google.com
alz-d.openx.net
an.yandex.ru
aorta.clickagy.com
ap.lijit.com
api.pn.vg
aud.pubmatic.com
barra.r7.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
br.1xbet.com
br.betano.com
c.eu1.dyntrk.com
c1.adform.net
cache.betweendigital.com
campaigns-ad.s3.eu-west-2.amazonaws.com
cdn.pn.vg
cdn.taboola.com
ce.lijit.com
clickiocdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms-media-api.r7.com
cookie-matching.mediarithmics.com
cookies.pn.vg
core.iprom.net
creativecdn.com
csi.gstatic.com
csync.loopme.me
d.turn.com
data.adsrvr.org
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
lbs-ru1.ads.betweendigital.com
loada.exelator.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
members.bet365.com
mug.criteo.com
mweb.ck.inmobi.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.admaxium.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
portaldogremista.com.br
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pro.ip-api.com
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.clickiocdn.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trustiseverything.de
ui.cleverwebserver.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
widget.perfectmarket.com
widget.us.criteo.com
www.br.betboo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pinnacle.com
www.pokerstars.ca
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
sync.resetdigital.co
www.pokerstars.ca
104.17.133.181
104.18.19.126
104.18.39.170
104.36.115.109
104.36.115.113
104.45.178.220
107.178.246.49
107.178.254.65
107.20.181.84
129.158.42.199
13.225.223.105
139.162.117.143
141.94.171.215
142.250.65.162
142.250.81.226
142.251.40.130
143.204.146.39
145.40.88.5
151.101.1.44
151.101.129.44
151.101.65.108
151.101.66.49
151.236.127.145
159.65.196.12
162.19.80.91
169.197.150.8
173.231.178.77
174.137.133.49
178.250.0.163
18.211.160.120
18.214.248.28
184.29.128.58
185.167.164.43
185.184.8.90
188.42.29.196
192.96.201.97
193.232.150.150
195.5.165.20
198.148.27.139
198.24.171.51
199.115.115.26
199.127.204.142
199.187.193.164
199.187.193.204
199.38.167.130
2001:4998:1c:800::1000
2001:6d0:4001::226
202.61.204.169
204.2.255.233
207.198.113.87
213.19.162.80
23.197.37.29
23.199.201.230
23.3.125.24
23.3.125.39
23.37.232.202
23.37.232.244
2600:1f13:d60:4f07:3863:3294:52fe:c4b3
2602:803:c002:200::62
2606:4700:3035::6815:3249
2606:4700:3035::ac43:9c18
2606:4700:3035::ac43:9ecd
2606:4700:4400::ac40:98f5
2606:4700::6810:7daf
2606:4700::6811:5459
2606:4700::6812:18f6
2606:4700::6813:ad6c
2606:ae80:1451:14::1080
2607:f8b0:4004:c07::9b
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::2004
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2006
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::200e
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a00:1450:400e:811::2003
2a02:6b8::90
3.215.99.170
3.217.8.50
3.33.220.150
31.172.81.158
34.102.253.54
34.205.59.145
34.98.67.3
35.190.60.146
35.201.96.126
35.207.24.140
35.211.178.172
35.211.233.246
35.244.159.8
35.71.139.29
38.91.101.241
45.135.121.72
45.224.128.162
5.161.47.120
5.200.44.122
5.226.179.10
50.16.197.56
50.57.31.206
51.222.39.184
52.202.34.66
52.45.33.138
52.45.55.227
52.46.128.147
52.95.150.50
54.146.231.30
54.239.38.253
54.36.150.182
54.80.1.197
63.251.114.137
68.67.160.76
68.67.181.211
69.173.151.100
69.90.254.78
72.251.238.254
74.119.119.129
74.119.119.139
74.119.119.150
74.121.140.14
74.222.140.158
75.126.248.142
8.28.7.109
8.28.7.84
8.43.72.97
82.145.213.8
88.99.28.61
89.108.120.76
96.46.183.20
0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75
012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7
024b43e32a7e8c0a4f33050959d01d4d7c423e7fc6b3f9a569fe01a1de8d80c9
038b968f63c82a59daf5159a867d2fffcbef9a17ed70ac7afb31b68bbc8c61b7
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
058527a39f8569e933dd23fac5314ef6243b67e508737e720a82cf54e94b5a0e
067dad1cb6e3c20294e992cbcf485c1ad738e59895faad6ad8be7ef5c1385af4
06f75416dd96838daf46a10e5cc706d3ac80b41507b22b5611d8c90d15eb1a69
07d46515cabde2591c38a6d3369950e4bac80abd934f3ac81210b64f1c7cb4db
0805cfbb0e838ec920e82b3b99741d34ffdea965fbbe567a067395626e46379a
0986413e0612c738c209211538786a9b1fd0ea03acf3c1f33cbaf3ff94beb62b
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d6fa6d1faf6c13601a670968cbdbfc5183636a7a4ca24f0f39cc0530f99d2b5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
119e95b732002aacb6d4a459d79aa4963ff75775eeabb5c00d89f2b2fe390f02
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1457f923a5d59eda64acb68e997c0d9e9d344e5066257ec7a7faf678c3950605
17918c467ab1da5d27d00e83a8fda57ad4c4686fa6d32fb2d3160a581ad8e5fe
17cdf29686a15ac28cbf0f758662a46148960b1656303f2e55124b4192a410db
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
2112aff61dea5de470d1cbf02d2daa6aa9819f0c39f61daf095e5b8815d71a12
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
2397f50767f709c20b7eb1b50c0be561e8b0e9491a68342a9280166e9b8cf4a1
24b35dbd8681681f5a851739371afefcb2c43e922cd0941be2d4034669fd336e
255ee0a5c08e8f443493e70fc6a9f76c269210734309f95e1a6ac80682d9f278
26a655b89c28c0b1620917f1e9dd221cc29e18dd27f4bf772ab34711bca95c89
286ff0083346b35d6d3e9d86eb7621b216e70d8729dcd50905c9bd7a99eadcdd
29070b793b2232697084674a7d43185e557cb0ac536db29b206ff8f7e93e6882
295c24e88eeeccd792f9168cc3316b11b3b1cffa1c125d33ad5fd30fb2660c1d
2a4bdd889e30034c40f7e3d4c07b1eb1500e5dbe44c6b2e568dead283a53d9a1
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af63a7b040fd039588fcf06452e814f7fccf2fa8289460f0ed739f909e83fe3
2d0ebd73c19ff527d880dfa57be81f59368fe52492ba014923e94e7d69ec9c94
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
31d860ce7449b2905cac524489cb0fd772e266df0e7b46f2943bf3447bed6363
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
391bc46f6a390af69ccb3194540ca1f10a074c54c4b5cec0530d8b1d8efb7e4f
3b87a92d7d1f3a6d1f1b39e6bbabc769d98d3490a70c70b685b20710be18ccd7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f019d3037b4b1fc9477e2001bbd212ea7670075bbb03a4eaddd7ecdd8d4f35b
3f055c5a70f54bb336ffa137e250347b4d4a24b8df68e8b74b7d56a0994a0d7f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41a683137c8c1dd8eb93814c564ad2bee1c69f5ef17b6aabff5a24fc81de7693
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
42565e7d3e98a84e4fb2b400338f1673263f2dce7a114010085618f21ad87e12
433a7007e4747a02a790167a6efa2625855f013970ba49b9b739a5d3db8b2601
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45411272ff89f32a1955433f2e7b94588f9560b89f805473862582e536cf5fae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b7d3f21645309c4d419c6931033a3a0e1036ca339354788d24b511401d3d81
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
4b59a4348d141d34b729074045efc869d19e259acf22c05fcc971504fde83196
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d0e0669b57b5b1be47950e87a6926f2ea2e191c67ebe4509b2657853119db03
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
5347458d046e7e220d74620ec028eb54328d467519d4575802d0d3393bd60f2d
53a0b50a5332f5a6c4082ac319f3388d204f70745c5ee55e606019d2c7f1947d
53d7ce0a8bc5f759495bb3d75ff3df894b4cf9d9262db76c80401864594fe59d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e49cda641d2e9804a7b1fb52e8a5534815312d7cefe1b726051bcb82c70f59
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
56549a000ac4ad5233cfae784cb4aca9a5024e6b3e33cefb488a59b6234113a8
5754d6f6ea79a50d2cb836e91a2130caf24b0ca16cb3fb78ecc16d05ab294622
5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c820d42d568e6ad697041d73d2ee63362d558a757d62289dcf16ec8750b1ae1
5cc1b102b43c611ff116fd286a5657fc24e9af5dfe41ed02019fb0939b171786
5cce4ad8da7ea35d0b8518a1c5d78dac045bf37a24e8fccc0b87f890a9b476e3
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
600eb9802c2ab79f76ca28d78885f65718256572fa0d6f4d21ba0bde607b8502
61bdefeb5903b77fd07e718d0201c0044d12fe44405e79181befcdb208bff888
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623f42b0ad3d6b063f4b6afd072ce85d8b0a3bfc8dc26ca572f852da826ff76d
6290d95dba8dd57f9b3e3c5e565a7c67e3619b870ed66e45d480c4bf8986bfe0
629f52c6e88af97f93787528dee0ed4ad836db8919551c62d9909350c23dc9d7
663b896d000dc492b7148b7d4db87f1ab6b3a132839ce243a4668ac542d85f3e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d106ab40ec17af791b2a243996477e1cbf75494105ff0a5dead9d9159c7ce56
6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21
703ed3ec5bac1994e42cbcf08eb865388e582eadcda6bf2cf8799f4dc7b3e6f5
7156cb5517592d1d6e285333a2baba269dee740aa3064132e2ed168dd7f34637
7173a88fbac153d84a3b6da88a4bf1b4f6f38f3a5894e95d398af4929bf62050
7277fd9e9bb43fe39b1403784cf6a3b8542ef4cb082f3d4e16e758c43ee5a8c4
7403dfb76ff489b0ec95e2d2ee46fd8cd0bb4ee77b27fed40000466bf6c7ba39
7432ac4083ecf2eb9969a631ac880b2362043908bb9bd34d7f180860be03bc6c
755c78bd07cd45d534817eebe0916ac0bef7fbd89e673f5474c096d4363f789e
759a9000e47b028799d7a4ca602634a7ac7adf415775df070a335d18d9b66f38
75e20001c66e23a79e89e00829c18701f4767e266d823662df3fde2d86215274
75f7e7a299aaba7d9fc25c881493d8fe226930fb6d1c9667e0dd674877b093a2
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
789425f7e69737cacc8b77b6ce616f28524d1cf868aecb6562bfc0187cd92768
7a3c63ce277681cdd522d031dd6a60eede212b7d7429d6dba3ab7a23f864387e
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7da19b0ce70416adc6608bf1bc1feb46f27068a5020475ae52d1de7f638589e1
80c3d1b4a331e7c3ff01be9d2d63e355141270d29e859ee07eca10c18269c295
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8372f2311549cbfb9d4dec11f9fbf27aa778241e2292e55f430e87534cc7cf27
842086803d805d35b198da3c0bbe2a5da5d034d42886250656eb39f2bd927982
84aa8d47d39a80b06c28f29f78072dff4a0f4a5a4fbc688a774c20ddf414d278
8906ac8419fe977cfcca08c74ba82918e5bb4a6b586aa73a6e49df5332b9b4c1
895c6d3e32d1e6c3f492a3a64eaef875223358f512f54fb8320e4c23442c6ed0
89956c77c2b3c3b116fdf62197402e3936b4fbeb67b17cd6b6c3a123d5e8c816
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
914cfa75ca8aa1b616b0579966dbd93b5de64178b288de9de4a03eaddf17c239
92b692b20f1b0327c011c0294309b55ec3d1d4f7ac2b078e3fb6495602181d03
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
971830061a28e04bf19815ec7efb75fecdea260b88ee19f47060494fd73f1603
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98eb1e53e0e5032aaa2ad35b015845930882db77fbdd2c3d522bd3fd4933e507
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3393afd6c8ae41da45ff84dcf221154ad51e7b43fd02c276a72f0bba081f4ef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5fcc4a55fa9956cc18618f6e31c5a6e931c7cc6946a804706c4099296ff1540
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa20cdb568253fb3a9bac04015e2c37462245ab09ddd480c880461b97ed39e71
abb0e75667edd08f35a996373fea36bce51bc659ad81f53e61af29d863535f17
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
aebed60dd2ac1381891de9866cd4b8ed44d16496350ca9c9195366a07d226681
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e24b602b089d42b435bc1c58347acbbf844267de034dd49f3c4aa6bf6f49e4
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b712b419acfb62d74f73194d38934b7163945c263d7bcd2303d4d9a666003d73
b8c27078f54f472c79e0651d18b9b4bf9bf63b9b781ad524f9816f83829bdfd0
b9f9a255c0bddd876a75f34208d5611bddd545f9ceda5d1e3906da9a5136950f
bcdd34afdb90d75dabcade4f4b6bc0021947c24ae800e01e89fbf0f272fac1b4
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc32f75686885456601c9a4e32fccb84ec7599ba1912287484256de4db75db2
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c05d32ca57950965e8e862309e4ee5402393526bea838fb7c0fee92d3cf9886c
c112530e70aa5400d40fa893addec873e936f3eb5bbeb641cbe1518c24037cc2
c14f8825dd2751a56927089f0998e497beb8f7cbaf50fca1b3d2b9165db5a0f2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b61b6efe9bd416321fcf21b12756928c4065c26ef8a79292416c33f5664a51
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
c7952fe27f4321f50a0f08939cb11adf13fbc99325ade317fe52a52c8690741d
c7a3344c158a9a67ea9fbbe6dde6e540634005087b23e38eff5d7982593d4f01
c7e82d176c9739680a2dc4115b9b730bffe4c38e89da059154f0d5a865b80a4f
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9d1e80c44ec1f59aa0b10726ccf869c795f01048bed1a20fcc4a4754a3acba0
cc0297016486d68097047f819a2eb0bf5085c4ec93d3c9cc527af688a304bb2e
cc4f04c77a179cc621c2aabc59873cce0847d9409a91ec95997f9a7f16216d4c
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1a9a355b83f3a1801cd0c85f82ed63932b9539110e91e696c713dc6d42b9714
d1ad5e6dcc7babba8a878eed69b754f69d404973b000dab71d0548438b44dd79
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d8e700ce1ada85b681de99ef8769f65d77a757c6de3584f4956acc1d5cb7a600
d911b9628680897de145e5e7ad1eda534bc607e2c526cf08dc80d0ea8bc61acc
dbfcad26825b0646f031ff0da6dbb233df888213083f3cc4c2ca90cef877cf2b
dc08ad89782ec0cd78995d13407e231fac863bdde95861e57b9d33990b769417
dd2de78029a38bc5f756b3bff440e9845c551a13160ed1921d20c949bf933d02
dddaf98205938b8bb3deaea45ed813d0719c6007eaf103989cb7cbed6fa51f91
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5e4535e8d8504dc2c0105734472ad6113eeced41b76a956aa577d5a43e4f1c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2585b73f765381af568ee728fb2e133f4b1dc9ee9535357dbc8abe19fc3fb9b
e2754c8374ecd5d96f8f611d0a367c356a37527d868d346b94df29bce91481fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66451cddc39e8ebf1d947ff41a4ccbdd6a796969d03b0171edf153b6b657fd3
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
e8f2ded5d74c0ee5f427a20b6715e65bc79ed5c4fc67fb00d89005515c8efe63
eb0e2a4833f3c5f430b404b5cd7d4af449b3104b3aab30571a878e9801a043b8
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd3e6ce7bbf468386dcf69184be2a06d6565a5937b82290f6d5056e8f7fd66a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07774464783287d26cf8328f845e857bff75ea915393dfb60d41ef816fc22a9
f302c34fc9a685af679b05287321c6d0c09336e60db48ca5943cee4e3498dc8a
f326544f98de4504d38864885e3b6ed93f8ff715a3bec93f57b7ad8d63bb6322
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ba8c34d9b136f92cc662befc08ab6aeed6ed89c62c3e727f2218f52551bd87
f6b41b2dbdf5ec7ce02245aa4fcfcae94546874fcbe2e3551e2c6781ec633fdf
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f
fe0dd527489b9ada352a33c4c98447e0070705bc816dfb87f3b008fb8ff5514a
fe6c39f4884a7f284d01e20777efa868733c5df14f82cfdf9c6e43bf391dc640
febc3fa3771af82aef3ba5f45e65010ba6330762634fc27ec6e2e1469733f6f2
fef77413c92d9ec50c89ec071f1ec7315cffe05da2350251c9b28b503d4cf2ae
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312