urlscan.io logo urlscan.io
SecurityTrails logo

vip-iugu.com Open in urlscan Pro
104.154.115.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vip-iugu.com/
Effective URL: https://vip-iugu.com/
Submission Tags: @ecarlesi possiblethreat #phishing #facebook Search All
Submission: On May 24 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 14 countries across 96 domains to perform 742 HTTP transactions. The main IP is 104.154.115.30, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is vip-iugu.com.
TLS certificate: Issued by R3 on May 23rd 2023. Valid for: 3 months.
This is the only time vip-iugu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.154.115.30 396982 (GOOGLE-CL...)
26 151.101.1.44 54113 (FASTLY)
2 11 2a02:2638:d::d 44788 (ASN-CRITE...)
10 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 151.101.65.44 54113 (FASTLY)
16 2a03:2880:f08... 32934 (FACEBOOK)
10 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 95.101.149.35 16625 (AKAMAI-AS)
18 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
3 35.201.123.184 396982 (GOOGLE-CL...)
2 5 13.32.99.21 16509 (AMAZON-02)
16 163.172.221.209 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.122 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.212.130.244 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 104.111.217.42 16625 (AKAMAI-AS)
3 7 52.46.128.147 16509 (AMAZON-02)
3 16 34.98.64.218 396982 (GOOGLE-CL...)
2 141.226.230.48 200478 (TABOOLA-AS)
2 4 2a03:2880:f17... 32934 (FACEBOOK)
4 23.35.236.188 16625 (AKAMAI-AS)
5 5 2620:116:800d... 16509 (AMAZON-02)
11 12 37.157.3.20 198622 (ADFORM)
11 15.197.193.217 16509 (AMAZON-02)
24 38 142.250.185.66 15169 (GOOGLE)
19 95.101.148.20 16625 (AKAMAI-AS)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 104.64.126.246 16625 (AKAMAI-AS)
2 178.250.7.13 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.32.119.77 16509 (AMAZON-02)
4 162.19.138.83 16276 (OVH)
4 35.190.39.111 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.35.229.56 16625 (AKAMAI-AS)
4 2001:4860:480... 15169 (GOOGLE)
5 18 185.89.210.212 29990 (ASN-APPNEX)
4 81.17.55.113 60781 (LEASEWEB-...)
4 2602:803:c003... 26667 (RUBICONPR...)
2 34.107.148.139 396982 (GOOGLE-CL...)
8 52.28.203.152 16509 (AMAZON-02)
82 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 104.80.242.37 16625 (AKAMAI-AS)
4 4 193.0.160.131 54312 (ROCKETFUEL)
3 23.35.236.201 16625 (AKAMAI-AS)
6 23.35.228.23 16625 (AKAMAI-AS)
3 69.166.1.10 27630 (AS-XFERNET)
14 17 213.19.147.45 26120 (RHYTHMONE)
8 8 2001:678:cb4:... 56396 (AMOBEE)
6 6 178.250.1.9 44788 (ASN-CRITE...)
11 14 52.58.91.78 16509 (AMAZON-02)
5 7 64.74.236.127 19024 (INTERNAP-...)
4 4 3.120.43.54 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 5 67.220.228.202 16509 (AMAZON-02)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 5 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 7 2a05:d018:d29... 16509 (AMAZON-02)
6 8 185.64.189.115 62713 (AS-PUBMATIC)
13 51 185.86.139.104 201081 (SMARTADSE...)
5 17 185.80.39.216 27381 (CASALE-MEDIA)
4 4 185.29.134.244 30419 (MEDIAMATH...)
2 2 52.18.135.178 16509 (AMAZON-02)
8 9 54.220.255.219 16509 (AMAZON-02)
2 2 185.183.112.148 60350 (VP)
4 4 185.89.210.90 29990 (ASN-APPNEX)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
3 3 198.148.27.139 19189 (PULSEPOINT)
2 2a05:d018:24:... 16509 (AMAZON-02)
4 6 151.101.66.49 54113 (FASTLY)
2 185.255.84.152 200271 (IGUANE-)
3 3 35.214.153.92 15169 (GOOGLE)
2 2 80.77.87.166 46636 (NATCOWEB)
2 2600:9000:211... 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
5 18.185.151.66 16509 (AMAZON-02)
11 14 34.200.182.70 14618 (AMAZON-AES)
2 2 3.64.145.154 16509 (AMAZON-02)
1 1 146.0.227.110 20773 (GODADDY)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 141.226.228.48 200478 (TABOOLA-AS)
2 98.98.134.242 21859 (ZEN-ECN)
1 18.159.26.253 16509 (AMAZON-02)
2 2 141.94.242.226 16276 (OVH)
4 4 141.94.171.215 16276 (OVH)
2 3 54.78.22.70 16509 (AMAZON-02)
1 2 35.227.252.103 15169 (GOOGLE)
1 2 52.31.219.190 16509 (AMAZON-02)
2 2 3.75.62.37 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
20 185.64.190.80 62713 (AS-PUBMATIC)
1 213.155.156.181 1299 (TWELVE99 ...)
1 1 54.227.251.232 14618 (AMAZON-AES)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 72.251.241.206 32475 (SINGLEHOP...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
3 198.47.127.20 3257 (GTT-BACKB...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
5 34.102.185.99 396982 (GOOGLE-CL...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 23.88.86.2 24940 (HETZNER-AS)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.171.213 16276 (OVH)
742 108
2    104.154.115.30 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.115.154.104.bc.googleusercontent.com
vip-iugu.com
26    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
vidstat.taboola.com
images.taboola.com
imprlatbmp.taboola.com
trc.taboola.com
11    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2606:4700:e4::ac40:a527 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
16    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
10    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
www.google.fr
14    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
18    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
recomendador.gridmidia.com
ads.gridmidia.com
9    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
5    13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
16    163.172.221.209 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-221-209.rev.poneytelecom.eu
fdr.com.br
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com.br
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:a000:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
3    2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.terra.com.br
2    52.212.130.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-130-244.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
6    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
at.teads.tv
7    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
16    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
eu-u.openx.net
2    141.226.230.48 (United States)

ASN200478 (TABOOLA-AS, IL)
la-match.taboola.com
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
12    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
11    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
38    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
19    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
8    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
ced-ns.sascdn.com
10    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
4    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
4    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
readaloud.googleapis.com
3    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
t.teads.tv
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
18    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
4    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
82    2a00:1450:4001:806::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    104.80.242.37 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-242-37.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
c21lg-d.media.net
cs.media.net
3    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
17    213.19.147.45 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
14    52.58.91.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-91-78.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    64.74.236.127 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
4    3.120.43.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-43-54.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    2a05:d018:d29:3601:cc5:dc1b:2834:9d22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
51    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
17    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.18.135.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-135-178.eu-west-1.compute.amazonaws.com
ads.avct.cloud
9    54.220.255.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-255-219.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.183.112.148 (Arnouville, France)

ASN60350 (VP, FR)
sync.adotmob.com
4    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
3    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2a05:d018:24:b002:aa55:d04a:d829:3323 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
6    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
3    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
2    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    2600:9000:211e:4800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    18.185.151.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-151-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
14    34.200.182.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-182-70.compute-1.amazonaws.com
a.audrte.com
2    3.64.145.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-145-154.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
8    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    18.159.26.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-26-253.eu-central-1.compute.amazonaws.com
match.justpremium.com
2    141.94.242.226 (France)

ASN16276 (OVH, FR)
PTR: bixel-3.cloudy.ovh
green.erne.co
4    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
3    54.78.22.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-22-70.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    52.31.219.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-219-190.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
20    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    54.227.251.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-251-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
dclk-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
5    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-10969-0.seg.t.tailtarget.com
b.t.tailtarget.com
t.tailtarget.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
3    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
82 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 568
61 smartadserver.com
csync.smartadserver.com — Cisco Umbrella Rank: 3287
prg.smartadserver.com — Cisco Umbrella Rank: 1638
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592
76 KB
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
390 KB
34 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 682
simage2.pubmatic.com — Cisco Umbrella Rank: 660
image2.pubmatic.com — Cisco Umbrella Rank: 820
image4.pubmatic.com — Cisco Umbrella Rank: 955
simage4.pubmatic.com — Cisco Umbrella Rank: 1193
41 KB
32 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
364 KB
32 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 899
pm-widget.taboola.com — Cisco Umbrella Rank: 4523
vidstat.taboola.com — Cisco Umbrella Rank: 2666
images.taboola.com — Cisco Umbrella Rank: 1972
imprlatbmp.taboola.com — Cisco Umbrella Rank: 7741
la-match.taboola.com — Cisco Umbrella Rank: 7621
trc.taboola.com — Cisco Umbrella Rank: 635
trc-events.taboola.com — Cisco Umbrella Rank: 1846
983 KB
27 media.net
contextual.media.net — Cisco Umbrella Rank: 599
prebid.media.net — Cisco Umbrella Rank: 1346
c21lg-d.media.net — Cisco Umbrella Rank: 2170
cs.media.net — Cisco Umbrella Rank: 1383
55 KB
26 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 566
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 953
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
65 KB
26 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 583
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 417
90 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
dis.criteo.com — Cisco Umbrella Rank: 575
19 KB
18 openx.net
google-bidout-d.openx.net — Cisco Umbrella Rank: 2602
us-u.openx.net — Cisco Umbrella Rank: 436
eu-u.openx.net — Cisco Umbrella Rank: 2294
oajs.openx.net Failed
rtb.openx.net — Cisco Umbrella Rank: 1172
3 KB
18 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2230
62 KB
17 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
15 KB
17 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1298
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
6 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax.amazon-adsystem.com — Cisco Umbrella Rank: 387
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
69 KB
16 fdr.com.br
fdr.com.br — Cisco Umbrella Rank: 891408
242 KB
14 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1870
9 KB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
4 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
6 KB
12 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
dmp.adform.net — Cisco Umbrella Rank: 2844
8 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
749 KB
11 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 797
523 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
3 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 68
31 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 520
4 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
525 KB
9 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1373
sync.teads.tv — Cisco Umbrella Rank: 1255
at.teads.tv — Cisco Umbrella Rank: 4538
t.teads.tv — Cisco Umbrella Rank: 2731
138 KB
8 turn.com
ad.turn.com — Cisco Umbrella Rank: 812
4 KB
8 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 60632
d.tailtarget.com — Cisco Umbrella Rank: 67888
tt-10969-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 361536
b.t.tailtarget.com — Cisco Umbrella Rank: 55547
t.tailtarget.com — Cisco Umbrella Rank: 6902
43 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 533
2 KB
7 gridmidia.com
recomendador.gridmidia.com
ads.gridmidia.com
94 KB
6 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 15136
pixel.onaudience.com — Cisco Umbrella Rank: 2808
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
2 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
13 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
2 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
2 KB
5 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 686
2 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 862
id5-sync.com — Cisco Umbrella Rank: 421
20 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 437
readaloud.googleapis.com — Cisco Umbrella Rank: 5930
fonts.googleapis.com — Cisco Umbrella Rank: 35
125 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
4 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
311 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
2 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 961
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
3 KB
4 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3109
553 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
31 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2748
spl.zeotap.com — Cisco Umbrella Rank: 3268
974 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 849
719 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 550
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470
1 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 874
1 KB
3 google.fr
www.google.fr — Cisco Umbrella Rank: 16278
adservice.google.fr — Cisco Umbrella Rank: 35479
1 KB
3 terra.com.br
www.terra.com.br — Cisco Umbrella Rank: 102339
6 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758
creativecdn.com — Cisco Umbrella Rank: 531
3 KB
3 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 112344
62 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1176
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3044
dclk-match.dotomi.com — Cisco Umbrella Rank: 2889
208 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26762
499 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
2 KB
2 erne.co
green.erne.co — Cisco Umbrella Rank: 20357
744 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 607
374 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 752
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 629
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 713
479 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 931
1 KB
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 827
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1484
133 B
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1515
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3720
1 KB
2 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2600
7 KB
2 vip-iugu.com
vip-iugu.com
135 KB
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6059
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2592
641 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6168
553 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
86 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2106
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3605
464 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2066
308 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1253
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5565
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5255
369 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
948 B
1 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
125 B
1 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 3749
325 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
54 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2137
390 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
653 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
901 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2334
8 KB
1 google.com.br
adservice.google.com.br — Cisco Umbrella Rank: 56914
531 B
1 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3523
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
603 B
742 96
Domain Requested by
82 csp.withgoogle.com vip-iugu.com
51 rtb-csync.smartadserver.com 13 redirects csync.smartadserver.com
eu-u.openx.net
ssum-sec.casalemedia.com
38 cm.g.doubleclick.net 24 redirects google-bidout-d.openx.net
eus.rubiconproject.com
csync.smartadserver.com
googleads.g.doubleclick.net
vip-iugu.com
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
19 contextual.media.net vip-iugu.com
contextual.media.net
csync.smartadserver.com
ads.pubmatic.com
ads.gridmidia.com
18 ib.adnxs.com 5 redirects ads.gridmidia.com
acdn.adnxs.com
googleads.g.doubleclick.net
18 pagead2.googlesyndication.com vip-iugu.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
17 cdn.taboola.com vip-iugu.com
cdn.taboola.com
16 fdr.com.br vip-iugu.com
fdr.com.br
14 a.audrte.com 11 redirects csync.smartadserver.com
ads.pubmatic.com
14 x.bidswitch.net 11 redirects contextual.media.net
14 www.google-analytics.com vip-iugu.com
www.google-analytics.com
www.googletagmanager.com
13 simage2.pubmatic.com ads.pubmatic.com
12 sync.1rx.io 12 redirects
11 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
11 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
11 match.adsrvr.org google-bidout-d.openx.net
contextual.media.net
eus.rubiconproject.com
csync.smartadserver.com
ssum-sec.casalemedia.com
ads.pubmatic.com
11 gum.criteo.com 2 redirects vip-iugu.com
cdn.taboola.com
contextual.media.net
static.criteo.net
ads.gridmidia.com
10 eus.rubiconproject.com vip-iugu.com
eus.rubiconproject.com
contextual.media.net
ads.gridmidia.com
10 securepubads.g.doubleclick.net vip-iugu.com
securepubads.g.doubleclick.net
recomendador.gridmidia.com
9 match.prod.bidr.io 8 redirects eu-u.openx.net
9 c1.adform.net 8 redirects ads.pubmatic.com
9 www.googletagmanager.com vip-iugu.com
www.googletagmanager.com
www.gstatic.com
recomendador.gridmidia.com
8 tpc.googlesyndication.com vip-iugu.com
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
8 image6.pubmatic.com 6 redirects ads.pubmatic.com
8 ad.turn.com 8 redirects
8 c2shb.pubgw.yahoo.com ads.gridmidia.com
8 us-u.openx.net 2 redirects google-bidout-d.openx.net
eu-u.openx.net
8 www.gstatic.com vip-iugu.com
www.google.com
www.gstatic.com
7 image2.pubmatic.com ads.pubmatic.com
7 pr-bh.ybp.yahoo.com 2 redirects eu-u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
7 b1sync.zemanta.com 5 redirects csync.smartadserver.com
7 s.amazon-adsystem.com 3 redirects vip-iugu.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
7 www.google.com vip-iugu.com
www.google.com
tpc.googlesyndication.com
6 sync-tm.everesttech.net 4 redirects csync.smartadserver.com
ads.pubmatic.com
6 ssum-sec.casalemedia.com 2 redirects csync.smartadserver.com
ssum-sec.casalemedia.com
6 dis.criteo.com 6 redirects
6 csync.smartadserver.com vip-iugu.com
csync.smartadserver.com
6 eu-u.openx.net google-bidout-d.openx.net
csync.smartadserver.com
eu-u.openx.net
5 match.sharethrough.com csync.smartadserver.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
csync.smartadserver.com
ads.pubmatic.com
5 sync.targeting.unrulymedia.com 2 redirects contextual.media.net
csync.smartadserver.com
5 cms.quantserve.com 5 redirects
5 googleads.g.doubleclick.net vip-iugu.com
pagead2.googlesyndication.com
5 sb.scorecardresearch.com 2 redirects vip-iugu.com
5 recomendador.gridmidia.com vip-iugu.com
recomendador.gridmidia.com
5 connect.facebook.net vip-iugu.com
connect.facebook.net
4 pixel-eu.onaudience.com 4 redirects
4 secure.adnxs.com 4 redirects
4 sync.mathtag.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 fonts.gstatic.com www.google.com
fonts.googleapis.com
4 rtb.mfadsrvr.com 4 redirects
4 c21lg-d.media.net contextual.media.net
4 p.rfihub.com 4 redirects
4 fastlane.rubiconproject.com ads.gridmidia.com
4 prg.smartadserver.com ads.gridmidia.com
4 region1.google-analytics.com www.googletagmanager.com
4 esp.rtbhouse.com invstatic101.creativecdn.com
4 id5-sync.com cdn.id5-sync.com
csync.smartadserver.com
4 acdn.adnxs.com vip-iugu.com
ads.gridmidia.com
4 www.facebook.com 2 redirects vip-iugu.com
4 e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com vip-iugu.com
4 vidstat.taboola.com vip-iugu.com
4 adservice.google.com vip-iugu.com
securepubads.g.doubleclick.net
4 a.teads.tv vip-iugu.com
a.teads.tv
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 trc-events.taboola.com vip-iugu.com
3 dmp.adform.net 3 redirects
3 csync.loopme.me 3 redirects
3 bh.contextweb.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 sync.go.sonobi.com contextual.media.net
3 ads.pubmatic.com contextual.media.net
ads.pubmatic.com
3 secure-assets.rubiconproject.com 3 redirects
3 t.teads.tv vip-iugu.com
3 stats.g.doubleclick.net www.google-analytics.com
3 images.taboola.com vip-iugu.com
3 www.terra.com.br vip-iugu.com
3 cdn.pn.vg vip-iugu.com
3 c.amazon-adsystem.com vip-iugu.com
c.amazon-adsystem.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 simage4.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 b.t.tailtarget.com d.tailtarget.com
2 tt-10969-0.seg.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com vip-iugu.com
d.tailtarget.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 rtb.openx.net 1 redirects eu-u.openx.net
2 green.erne.co 2 redirects
2 pixel-sync.sitescout.com eu-u.openx.net
ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 id.rlcdn.com csync.smartadserver.com
2 s.ad.smaato.net csync.smartadserver.com
2 cs.admanmedia.com 2 redirects
2 visitor.omnitagjs.com csync.smartadserver.com
2 sync.tidaltv.com csync.smartadserver.com
2 sync.adotmob.com 2 redirects
2 ads.avct.cloud 2 redirects
2 cs.media.net contextual.media.net
2 fonts.googleapis.com recomendador.gridmidia.com
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
2 prebid.media.net ads.gridmidia.com
2 ced-ns.sascdn.com csync.smartadserver.com
2 www.google.fr vip-iugu.com
2 readaloud.googleapis.com www.gstatic.com
2 da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 mug.criteo.com vip-iugu.com
2 la-match.taboola.com vip-iugu.com
2 google-bidout-d.openx.net 1 redirects vip-iugu.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 ads.gridmidia.com vip-iugu.com
2 vip-iugu.com 1 redirects
1 spl.zeotap.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 t.tailtarget.com
1 ads.travelaudience.com 1 redirects
1 dclk-match.dotomi.com da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
1 s0.2mdn.net da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 d5p.de17a.com ads.pubmatic.com
1 adservice.google.fr securepubads.g.doubleclick.net
1 match.justpremium.com eu-u.openx.net
1 www.googletagservices.com vip-iugu.com
1 inv-nets.admixer.net 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 trc.taboola.com cdn.taboola.com
1 at.teads.tv a.teads.tv
1 imprlatbmp.taboola.com vip-iugu.com
1 sync.teads.tv vip-iugu.com
1 pm-widget.taboola.com vip-iugu.com
1 cdn.prod.uidapi.com vip-iugu.com
1 tags.crwdcntrl.net vip-iugu.com
1 invstatic101.creativecdn.com vip-iugu.com
1 cdn.id5-sync.com vip-iugu.com
1 cdn.jsdelivr.net vip-iugu.com
1 static.criteo.net vip-iugu.com
1 oa.openxcdn.net vip-iugu.com
1 adservice.google.com.br vip-iugu.com
1 imasdk.googleapis.com vip-iugu.com
1 tags.t.tailtarget.com vip-iugu.com
1 widget.perfectmarket.com vip-iugu.com
1 partner.googleadservices.com vip-iugu.com
0 oajs.openx.net Failed oa.openxcdn.net
742 160
Subject Issuer Validity Valid
vip-iugu.com
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
pn.vg
GTS CA 1P5		 2023-05-01 -
2023-07-30		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-02 -
2023-05-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
gridmidia.com
GTS CA 1P5		 2023-05-04 -
2023-08-02		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
fdr.com.br
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com.br
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
terra.com.br
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-17 -
2023-11-17		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-08 -
2023-08-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-19 -
2023-06-19		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M02		 2023-02-27 -
2023-09-20		 7 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-01-29		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-30 -
2023-12-30		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh

This page contains 80 frames:

Primary Page: https://vip-iugu.com/
Frame ID: 1FC604B4F19FF79BA65C78471ECC46FA
Requests: 204 HTTP requests in this frame

Frame: https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE2962A306F70B5996E0F71F16F4CD3F
Requests: 1 HTTP requests in this frame

Frame: https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 81241ABA68FCF3B600184586600542D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8538744060850645&output=html&adk=1812271804&adf=3025194257&lmt=1684806457&plat=1%3A1024%2C2%3A1024%2C3%3A2162688%2C4%3A2162688%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&ea=0&pra=5&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEzLjAuNTY3Mi4xMjciLFtdLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMTMuMC41NjcyLjEyNyJdLFsiQ2hyb21pdW0iLCIxMTMuMC41NjcyLjEyNyJdLFsiTm90LUEuQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1684806461648&bpp=3&bdt=2358&idt=2310&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2485162687399&frm=20&pv=2&ga_vid=2095949300.1684806461&ga_sid=1684806464&ga_hid=840685914&ga_fc=1&u_tz=-180&u_his=9&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1017&bih=620&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782468%2C44788441%2C44792645&oid=2&pvsid=3671398093396860&tmod=803941731&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=2697%2C73%2C2697%2C73%2C2560%2C0%2C1050%2C708%2C1034%2C620&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2330
Frame ID: 5A8720B7D958CD1326827B1479B2F782
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Frame ID: F0353825256739E18F67A236666407A4
Requests: 7 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=141044&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=139b6628-da6d-4243-acbe-afd4541da678&vid=08cbff2c-8c6a-4726-8909-e44adcfc6732&1684806466100
Frame ID: FB804C78F26A68938F83DF571D78DF51
Requests: 1 HTTP requests in this frame

Frame: https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED0E9CE1AA6AC14F2B24923E16A0A1BB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=fdr.com.br
Frame ID: 8773FB03E6F6EE99A40B8407FA2BCC82
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt&dcc=t
Frame ID: 88D5BAF22049DB06CE8CBC08D9AD1927
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: EF50A8FA46F076D3AD45C43DD3F301E5
Requests: 6 HTTP requests in this frame

Frame: https://imprlatbmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xbACLAYETyxAcLrmFxAInliA4HTNLygAAABgYID-AAktBrvRxjlYqxYzw1o0cozcws1q5JY4FyPLbrVweXwjIyChxWA32jgHa9ViZliLRo6RW7hZjdwS52Jk2a0WLo9vZAUkxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQUX3md4gDE2nw-e618tMlrvG77ZLLH_JYLLZC0Z7yWyv-rwelqff85a8zA7Tw-0WOW1Oj-tscphcbpXbrXl4HJa3yGk3upyWv1vk8pwebo3fbnq4RU6f0_Qw--UAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgA4OCfPwGwQP19nvDwAAAAAgAAAAAEgAGEw-lwAgeZg48f________8fY4A-80bG_____42EHgAPPgAehAAAAAAN6eXb_RRcVpAlQjBchBEAAACA4FtskCOTdIKKRZX___9-KwBXAAACEI2U5Mqy6A5KvIUBAAAgENORBUJPu3SCOmaBHha_3-ywa_xul_n_________N_N_5h9NMG8UexphnUxNNb-AAABrfgEBANioGwCANwFwQs4Fmk6Hz3Wv1_1-d53f7zO77Bq_2y86BK0YDFYnIGYHAAAA4M7___8_no4sEHrapRNUPSA0Wg4Xlt1qMpjMRi7jbDQamWwmy26zWTmMI5fDe9ZUCwlOVbjx-5gIy-z3HRSU09NjdhlERdfbYnc4zZ6Diu4zHcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIxWaAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RzPgWpuXCt3CrDAvbWrQY2dwSk8Oy1qxmtoVlORuZVra16PUxXWyryWI13CLBALG9SJ4W6URinC0mxpnD45y4fBuLabSaWUwrm2fjG25mHtNqIpZoThbpRHbZl0bL4cKyW00Gk9nIZZyNRiOTzWTZbTYrh3Hkcvg7voVpufAt3CrDwrYWLUY2t8TksKw1q5ltYVnORqaVbS16fUwX22qyWA33jdlwNBzMRrPRvjEbjoaD2Wg22ncYvEfZdnbz2CTO4-JlsTkNCpfB5h2pV4tjQXLwnDxHp87hURZ0Rr_f7_f7_X6_3-83aD0Hs0Hh-02HVr-2o_2WE7uD2KBQxBLBRTrRWZ4mt9PkdLhlJstFLFGaLtKJXjKYbPaC0V4y26s-r4fl6fe8JS-zw_Rwu0VOm9PjOpscJpdb5XZrHh6H5S1y2o0up-XvFrk8p4db47ebHm6R0-c0PcwWsURwukgnopfxdFH_kUMsN3PFcDOXLGZzzWSVAAAAAAAAAAAswSTTTQAAAACcDGizGKxW63Qgm9lmsVotF8AEj6Wun2GbbrPYK-Zd4U0BxHSF2JLFGnus4SxPk9tpcjrcMpPlygAg7IKYbfYZQazValkDAAAYwAYAABDATTfeBKZQcf_____jAAAAyMihBwAAQL8PSAlm9FqhJ45fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1684806467053&uv=131781256&tms=1684806467053&abt=nonrv_vA!ntvc_vB!smbs!tbt_unit!ufm_vE&ru=https://www.google.com/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=41074c90-51f0-4d1d-835d-b91d275aec7d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: CCA76F4791496CCF9EDEEDCD57DEA7E1
Requests: 1 HTTP requests in this frame

Frame: https://la-match.taboola.com/sync?dast=V8xbACLAYETyxAcLrmFxAInliA4HTNLygAAABgYID-AAktBrvRxjlYqxYzw1o0cozcws1q5JY4FyPLbrVweXwjIyChxWA32jgHa9ViZliLRo6RW7hZjdwS52Jk2a0WLo9vZAUkxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQUX3md4gDE2nw-e618tMlrvG77ZLLH_JYLLZC0Z7yWyv-rwelqff85a8zA7Tw-0WOW1Oj-tscphcbpXbrXl4HJa3yGk3upyWv1vk8pwebo3fbnq4RU6f0_Qw--UAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgA4OCfPwGwQP19nvDwAAAAAgAAAAAEgAGEw-lwAgeZg48f________8fY4A-80bG_____42EHgAPPgAehAAAAAAN6eXb_RRcVpAlQjBchBEAAACA4FtskCOTdIKKRZX___9-KwBXAAACEI2U5Mqy6A5KvIUBAAAgENORBUJPu3SCOmaBHha_3-ywa_xul_n_________N_N_5h9NMG8UexphnUxNNb-AAABrfgEBANioGwCANwFwQs4Fmk6Hz3Wv1_1-d53f7zO77Bq_2y86BK0YDFYnIGYHAAAA4M7___8_no4sEHrapRNUPSA0Wg4Xlt1qMpjMRi7jbDQamWwmy26zWTmMI5fDe9ZUCwlOVbjx-5gIy-z3HRSU09NjdhlERdfbYnc4zZ6Diu4zHcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIxWaAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RzPgWpuXCt3CrDAvbWrQY2dwSk8Oy1qxmtoVlORuZVra16PUxXWyryWI13CLBALG9SJ4W6URinC0mxpnD45y4fBuLabSaWUwrm2fjG25mHtNqIpZoThbpRHbZl0bL4cKyW00Gk9nIZZyNRiOTzWTZbTYrh3Hkcvg7voVpufAt3CrDwrYWLUY2t8TksKw1q5ltYVnORqaVbS16fUwX22qyWA33jdlwNBzMRrPRvjEbjoaD2Wg22ncYvEfZdnbz2CTO4-JlsTkNCpfB5h2pV4tjQXLwnDxHp87hURZ0Rr_f7_f7_X6_3-83aD0Hs0Hh-02HVr-2o_2WE7uD2KBQxBLBRTrRWZ4mt9PkdLhlJstFLFGaLtKJXjKYbPaC0V4y26s-r4fl6fe8JS-zw_Rwu0VOm9PjOpscJpdb5XZrHh6H5S1y2o0up-XvFrk8p4db47ebHm6R0-c0PcwWsURwukgnopfxdFH_kUMsN3PFcDOXLGZzzWSVAAAAAAAAAAAswSTTTQAAAACcDGizGKxW63Qgm9lmsVotF8AEj6Wun2GbbrPYK-Zd4U0BxHSF2JLFGnus4SxPk9tpcjrcMpPlygAg7IKYbfYZQazValkDAAAYwAYAABDATTfeBKZQcf_____jAAAAyMihBwAAQL8PSAlm9FqhJ45fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: AC35CBCF733C726A5A14A423C5D022E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: F346F8EF81A54B5A4BD37C556C44B59B
Requests: 1 HTTP requests in this frame

Frame: https://la-match.taboola.com/sync?dast=V8xbACLAYETyxAcLrmFxAInliA4HTNLygAAABgYID-AAktBrvRxjlYqxYzw1o0cozcws1q5JY4FyPLbrVweXwjIyChxWA32jgHa9ViZliLRo6RW7hZjdwS52Jk2a0WLo9vZAUkxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQUX3md4gDE2nw-e618tMlrvG77ZLLH_JYLLZC0Z7yWyv-rwelqff85a8zA7Tw-0WOW1Oj-tscphcbpXbrXl4HJa3yGk3upyWv1vk8pwebo3fbnq4RU6f0_Qw--UAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgA4OCfPwGwQP19nvDwAAAAAgAAAAAEgAGEw-lwAgeZg48f________8fY4A-80bG_____42EHgAPPgAehAAAAAAN6eXb_RRcVpAlQjBchBEAAACA4FtskCOTdIKKRZX___9-KwBXAAACEI2U5Mqy6A5KvIUBAAAgENORBUJPu3SCOmaBHha_3-ywa_xul_n_________N_N_5h9NMG8UexphnUxNNb-AAABrfgEBANioGwCANwFwQs4Fmk6Hz3Wv1_1-d53f7zO77Bq_2y86BK0YDFYnIGYHAAAA4M7___8_no4sEHrapRNUPSA0Wg4Xlt1qMpjMRi7jbDQamWwmy26zWTmMI5fDe9ZUCwlOVbjx-5gIy-z3HRSU09NjdhlERdfbYnc4zZ6Diu4zHcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIxWaAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RzPgWpuXCt3CrDAvbWrQY2dwSk8Oy1qxmtoVlORuZVra16PUxXWyryWI13CLBALG9SJ4W6URinC0mxpnD45y4fBuLabSaWUwrm2fjG25mHtNqIpZoThbpRHbZl0bL4cKyW00Gk9nIZZyNRiOTzWTZbTYrh3Hkcvg7voVpufAt3CrDwrYWLUY2t8TksKw1q5ltYVnORqaVbS16fUwX22qyWA33jdlwNBzMRrPRvjEbjoaD2Wg22ncYvEfZdnbz2CTO4-JlsTkNCpfB5h2pV4tjQXLwnDxHp87hURZ0Rr_f7_f7_X6_3-83aD0Hs0Hh-02HVr-2o_2WE7uD2KBQxBLBRTrRWZ4mt9PkdLhlJstFLFGaLtKJXjKYbPaC0V4y26s-r4fl6fe8JS-zw_Rwu0VOm9PjOpscJpdb5XZrHh6H5S1y2o0up-XvFrk8p4db47ebHm6R0-c0PcwWsURwukgnopfxdFH_kUMsN3PFcDOXLGZzzWSVAAAAAAAAAAAswSTTTQAAAACcDGizGKxW63Qgm9lmsVotF8AEj6Wun2GbbrPYK-Zd4U0BxHSF2JLFGnus4SxPk9tpcjrcMpPlygAg7IKYbfYZQazValkDAAAYwAYAABDATTfeBKZQcf_____jAAAAyMihBwAAQL8PSAlm9FqhJ45fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 6C408EA42DE86519CD455D108B7C7274
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: 0F0A57E0485D581679DD870FC6C69D95
Requests: 1 HTTP requests in this frame

Frame: https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A272768F202798F809920B2CB6F9703D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3003E4B8C0F28D30B52B346545E4E26E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3DFF673157B111389C69A8255249E193
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 33FA1C74CEB74C82501264BD5F5D42C1
Requests: 12 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Frame ID: 14BF71B12DA4693F07DA92974C1D7A87
Requests: 31 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Frame ID: E836F17BBC101F234150637B3ED9E17C
Requests: 31 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 09863D0A30079E10E4DB5E62DB433722
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 64A4B3FDCB022CBA2490767141E804E9
Requests: 10 HTTP requests in this frame

Frame: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F47AABE5EC0D8A39CEB5599A1950E1C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Frame ID: 3C0863D304B8677E04693BC8B7E985AB
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/readaloud/player/web/api/analytics/analytics.html?url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&trackingIds=G-RQL80RY6XN%2CG-RZ8ETGC2K4&tracking=false&sourceUrl=https%3A%2F%2Fvip-iugu.com%2F&sourceReferrerUrl=&origin=https%3A%2F%2Fvip-iugu.com
Frame ID: 6216BEB1D3BA6F803BFFFCC9BB8B75B0
Requests: 231 HTTP requests in this frame

Frame: https://recomendador.gridmidia.com/assets/base.min.css?v=20211008145159
Frame ID: D92C0778885B90B50CF1E20CABF2631F
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: C5156EAC193AA4FC4D2F863A4E7ABD9B
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449033279299430715216000V10&ovsid=5109685627766473074
Frame ID: 568FFC995F3581C38D72644485576AF8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Frame ID: 34C5EA14A7F752D2E35FB6F867C333BD
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: D9A1F46D5EFC33680F23E6AA7B0CFEBD
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449413279299430715216000V10&ovsid=5108559727906168966
Frame ID: A50AE0B204DC9519C69CA59577DCDC4C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Frame ID: C08B0EDFC7E31E775D19C8F80B7934BA
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=vip-iugu.com
Frame ID: 11B82CD6E7013803F38352DF23365E7C
Requests: 2 HTTP requests in this frame

Frame: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D7540372F0E745CC14D3379C16B99213
Requests: 3 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Frame ID: 082FA001BF38AE01016066E4454CB8DD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: C938AAF9C25E513FBC03E705464FEAD8
Requests: 8 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8214394872625996297&gdpr=0&gdpr_consent=
Frame ID: B9F983635E9EFF03693701C757A131FD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Frame ID: 36EEA34846B5E87D546983A561A4B1B3
Requests: 10 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=CA1C474D-DB53-4993-A29E-3BE3E71F2CD0&gdpr=0&gdpr_consent=
Frame ID: C21CD187B8DE17F88F3A3C5B848624CE
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: A63123BC7095F1212C1B549A8F89AED8
Requests: 8 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8142337278588068361&gdpr=0&gdpr_consent=
Frame ID: 3F74CFA96CB525A99F35773FAFB58708
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Frame ID: CE8087D5B00A4D216E1264E9C1CD38BB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPsIBC7jo4CGKOmk-YBMAE&v=APEucNUBmEZi-ohWYL_EDW91KL6Kos3jBTjO5mZxyHJdKOGLqu8qZgVd8EDhCefbLfA-izv-yarpRGzmdE8gzvmhKJch2WPxxV9moMSSxWbaYeKXHZyhU5wzVwnesXcz5iuPvplaV4R3_3n8FoI1dGpl8WsRtlx1qdhNTxgrv6Q1I8hRNxNxS0M
Frame ID: DE4C5639EAB90F433A10716E6A0DB6BE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6CB0B00D749BD1F62503988C625D54C1
Requests: 15 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
Frame ID: 75C4AD68F7D7817C3A6B969DB9FA75E7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727906168966
Frame ID: 308F565A113AC3DF8EC52EA6BC6E1ADC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5D64E9923EED5F3EA17BB085A32B8472
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 530059302EA54CE4D202219CDE0DD58E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1663283F-490C-4B0F-83AC-BF248722F976&redir=true&gdpr=0&gdpr_consent=
Frame ID: F6571DFF34BFA85029E4D8F243A4A2EB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l
Frame ID: 95345FAA42687B53F0DBB095DE687F58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5856040556656650501&gdpr=0&gdpr_consent=
Frame ID: 06555819DE85DA6271D0C88D3595BD94
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236712137899833488&gdpr=0&gdpr_consent=
Frame ID: 2CB8701BF20151DED183449F5186DA04
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 12494BF7620071F1F22193F3F4AE3843
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
Frame ID: ADE9B3212F889764711606136EC7E4D2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ld407ELKX49W5B1_4sBx81ze1BA&gdpr=0&gdpr_consent=
Frame ID: FEE33B29371599E71AADDC34E8F5EF00
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 42DFCBF070A08F753137E94C9D7C8BE5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: BCFC6E0DB9F7E35142B278EE051626BC
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 014C1058A3C7A4520898683BFCE4B9C4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 53E1C0D6134001A9377B9D5218635773
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D5EDACDE687921C82E63D209184AEFD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Frame ID: 6570617BF31BD3445BD690C60004E698
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=pba&refUrl=&vid=49283449033279299430715216000V10&ovsid=1663283F-490C-4B0F-83AC-BF248722F976
Frame ID: B8654749DB7A77F2013E53F621959B2F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BBA0DC70FE60020D99784CEDB93F849
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 20AEFF9CD8C7031473C604AB6C8BDB4F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FA47912752CFAD364EED9E950731364
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68C819667C25A92EBED81A0C5526C9E3
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 42C08A6D1105860DADDEFE1A630F2800
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 907E5E831C4AC05C0A760BCD89A9B3CC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1FE9E7C2A58B4187220ABFAF8F4D5980
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 67D83F714294C23E92E6C3C4E839C904
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D705EC4A4E0A78325B33D9A49EC95D3F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: DD062B5DEE7C16BB10AC95A9E48CE4B1
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Frame ID: 02D896A4FDBB31ADEA0F945B57696259
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qgx3nxk5xz5x
Frame ID: 0D8F5C89823356D0D3E830BFA4CE3B0A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhWShRRVVVXMTgjg&gdpr=0&gdpr_consent=
Frame ID: 3D2ED7CAC6720153562F366920D558A1
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: D654C83A95FCA5490FF2466F490E8E02
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=584360697
Frame ID: 3408C13420B6F3174B2C5A515420EA7A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:09247A3C1567485EB0C6C88506C52083&gdpr=0&gdpr_consent=
Frame ID: BF08C7A9451BC56725183C2F5095EECE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=pba&refUrl=&vid=49283449413279299430715216000V10&ovsid=1663283F-490C-4B0F-83AC-BF248722F976
Frame ID: 6162402A9C5AB79E0ED12CC61EC04775
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Usuários relatam dificuldade em sacar dinheiro desta conta digitalFDRMenuFechar menuYouTubeFacebookBuscaBuscaFechar buscaCurtirTweetarEnviar pelo messengerEnviar pelo WhatsAppFDRFabio LoboFDRMenuFechar menuYouTubeFacebookBuscaBuscaFechar buscaGroup 3Group 3Group 3Group 3

Page URL History Show full URLs

  1. http://vip-iugu.com/ HTTP 301
    https://vip-iugu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

742
Requests

64 %
HTTPS

32 %
IPv6

96
Domains

160
Subdomains

108
IPs

14
Countries

5450 kB
Transfer

17664 kB
Size

152
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vip-iugu.com/ HTTP 301
    https://vip-iugu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt&dcc=t
Request Chain 127
  • https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
  • https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Request Chain 140
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=-y9B96ssQqTgIhPwqyta8PwuQvLgfUfy_S7O4JRz
Request Chain 141
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4354139647387671599
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzRiT411C1gAYNFO9JagJE&google_cver=1
Request Chain 150
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=fdr.com.br&sn=ChromeSyncframe&so=0&topUrl=fdr.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=xJ4RLHxqTXp3QmJra1VkL2ZwenZqS0U3bWoyZFdaK3htcjFoMWRZRVNTMW9aTkFWZDdDaHh4MStuWEJnZjVXMGFxcGc2bG1GTXNjY1NpZVhJUjlmNXRCeGs2K0RmcE4wQU1xWUl0b3grSlhsMDVoZHZSTHF5QnExd0ZDMGF6RHNzSTg1dk9VMDFCQzMrOXU1NFVCNW92Y3cxc2NJOHYwOTFzU1d0cFJoTFJPTFNxcGV6NFMzUENObzlyengwTG1JVmR6RnBYMzV2eGJ4anNrSnV0RS9WZlJIa3JhOHV1S2N6RWZRSU4xWVN0WmtubTFneUk3S05URkR4andzNmJYekFGZFBVdm1SbGU1WFZobEkrTG9XTG9ockR0UT09fA&cppv=2
Request Chain 152
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9=
Request Chain 153
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9=
Request Chain 163
  • https://www.facebook.com/v12.0/plugins/comments.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width= HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Request Chain 218
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 219
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 451
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 452
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Drkt%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449033279299430715216000V10&ovsid=5109685627766473074
Request Chain 456
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dopx%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449033279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
Request Chain 457
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3D%5BRX_UUID%5D&cb=1684928345258 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2599183618 HTTP 302
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI3OTI5OTQzMDcxNTIxNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
Request Chain 459
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
Request Chain 461
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dzem%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449033279299430715216000V10&ovsid=__ZUID__
Request Chain 462
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3279299430715216000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3279299430715216000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
Request Chain 466
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI3OTI5OTQzMDcxNTIxNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
Request Chain 468
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Drkt%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449413279299430715216000V10&ovsid=5108559727906168966
Request Chain 469
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
Request Chain 471
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3279299430715216000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3279299430715216000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
Request Chain 475
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dopx%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449413279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
Request Chain 476
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3D%5BRX_UUID%5D&cb=1684928345258 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7610471231 HTTP 302
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Request Chain 477
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dzem%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449413279299430715216000V10&ovsid=__ZUID__
Request Chain 504
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 505
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEkxTVRaQkgtOS1OR1k= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED5_h48S9sOhle685G0qH14&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxTVRaQkgtOS1OR1k=&google_push=
Request Chain 506
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI1MTZBH-9-NGY
Request Chain 507
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SncWCN_PSTiV5mHlPbPCyQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SncWCN_PSTiV5mHlPbPCyQ
Request Chain 509
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/b2Uupgf8fIYGjg8P-TsI4g?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nBQmPIVE2oKpwwegbUSyn9Mqf6iWDuJFdPpbtw--~A
Request Chain 510
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbwvZmw0F5tKVaQsuMm3nk&google_cver=1
Request Chain 511
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMyZGNhN2RkMWU3ZDQ4MTY3NjNkOWUxMzFlM2U5NjY1ZDNlOGFiNw
Request Chain 514
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Request Chain 516
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8214394872625996297&gdpr=0&gdpr_consent=
Request Chain 517
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Request Chain 518
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 520
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
Request Chain 521
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=c47b646d-f759-4f00-8390-6bd97343fe8c&gdpr=0&gdpr_consent=
Request Chain 522
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=226810f8-8988-46e1-98a4-666a37ae3f25&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
Request Chain 523
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA5EU7I2-8AAB9htAQA1g&gdpr=0
Request Chain 524
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
Request Chain 525
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e220401f70f478a7eff4e&gdpr=0&gdpr_consent=
Request Chain 526
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
Request Chain 527
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
Request Chain 528
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137897998489&gdpr=0&gdpr_consent=
Request Chain 529
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
Request Chain 530
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=7sbWvfJ43j1m&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 532
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
Request Chain 533
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZG33WQAAAMqUnQBI
Request Chain 535
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1600537308 HTTP 302
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DRX-41237731-dd67-4c5e-b42f-b728337a3392-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=r1&refUrl=&vid=49283449033279299430715216000V10&ovsid=RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Request Chain 538
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8554c0d7-28d6-46b5-92e5-1a372b07fb50&gdpr_consent=null&gdpr=0
Request Chain 539
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b1a6935b-f581-4405-9082-d8cc2a0cfc83&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 542
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
Request Chain 543
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFmUE9LSVlYVExTZUNubGR4U1VaUDg4Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZlBPS0lZWFRMU2VDbmxkeFNVWlA4OGciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZlBPS0lZWFRMU2VDbmxkeFNVWlA4OGciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZlBPS0lZWFRMU2VDbmxkeFNVWlA4OGciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4354139647387671599&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZlBPS0lZWFRMU2VDbmxkeFNVWlA4OGciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=9afHEdWncVDRMKR3a5-eHFHuA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=2430710121420823435&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 547
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 549
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
Request Chain 550
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
Request Chain 551
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-8R_nDdxE2pkzxJDMAH4Z_c9MguyHHMcdSudE1Q--~A&expires=5&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
Request Chain 552
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
Request Chain 553
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
Request Chain 554
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e2204019d8a537ced53ec&gdpr=0&gdpr_consent=
Request Chain 555
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
Request Chain 556
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=CA1C474D-DB53-4993-A29E-3BE3E71F2CD0&gdpr=0&gdpr_consent=
Request Chain 558
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
Request Chain 559
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8142337278588068361&gdpr=0&gdpr_consent=
Request Chain 560
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Request Chain 561
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137899833488&gdpr=0&gdpr_consent=
Request Chain 562
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
Request Chain 563
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=n3LC7FEub50d&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 565
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZG33WQAMcZ4JegAp HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZG33WQAMcZ4JegAp&gdpr=0&gdpr_consent=&_test=ZG33WQAMcZ4JegAp
Request Chain 568
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4855094341 HTTP 302
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Request Chain 571
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8ad95624-2103-4df6-9f01-7f712a1e7646&gdpr_consent=null&gdpr=0
Request Chain 572
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e89b19df-823a-4e70-9b41-c265f94ec0be&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 575
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
Request Chain 576
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFmOUpEYlFWTTNRcHVLRGk4VHBlZ2ZZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZjlKRGJRVk0zUXB1S0RpOFRwZWdmWVEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZjlKRGJRVk0zUXB1S0RpOFRwZWdmWVEiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZjlKRGJRVk0zUXB1S0RpOFRwZWdmWVEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4354139647387671599&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZjlKRGJRVk0zUXB1S0RpOFRwZWdmWVEiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=9afHEdWncVDRMKR3a5-eHFHuA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=2430710121420823435&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 580
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=vip-iugu.com&sn=ChromeSyncframe&so=0&topUrl=vip-iugu.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=gmuPQnw4ZHJJTjA5M09SQVB3dmNOUFBTdUxoeE8xeWVtWFl3cnkzK1VrUzVqVzVMLzdUc1ovRlAxQTR2VlkrbXNPemFmTFR0d2hQVkdjZlB1SHk3TzdVa0IrVlhBWVhOMFZkSjN1UWZXUGFvVUN0Y3p3OWgxcTNTQ2w3RHE0eEQ5OFNNZTFuMzJKNTkwYUQ3cTROWGs5cmdwMmhIM1NubXQxcmo3VkpJejJlcnE0MHVtREM4UnRZMkJqTER2UkhKRm0vWWY3dVVkcG95OXVNRmk3VkV4bGNxK0JJaFlNUjk3a0R2cE8xWHhRYXFrbDJFUFlZZVNPNlpkbE1vb0N5b05kSXZ2YzhiVmwzU0w4TFRIVzhYcDdTNEl0dz09fA&cppv=2
Request Chain 585
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=K5IyZHMN1Q1MPD5
Request Chain 586
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D59d8d7a1-b30d-4117-b1d3-268fc6501b02%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e1f8f63c98954d2fabdc4e20b67e730c&ssp=openx&bsw_param=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&us_privacy=
Request Chain 587
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5856040556656650501
Request Chain 589
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9229646d-f759-4700-95c1-383303285949
Request Chain 610
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG33WQAMcZ4JegAp
Request Chain 611
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=268&smartmap=1&gdpr=&gdpr_consent=&redirect=us-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=cb48b995552f7aca/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DF1rNcAsvjhWShRRVVVXMTgjg HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DF1rNcAsvjhWShRRVVVXMTgjg HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=F1rNcAsvjhWShRRVVVXMTgjg
Request Chain 612
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 613
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=E2KZsuFMiGOUO65SzOOXOw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 616
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZG33WUCmdsnwNP.4UHU-RgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
Request Chain 618
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
Request Chain 620
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
Request Chain 621
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZG33WUCmdsnwNP.4UHU-RgAA%262157?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZG33WUCmdsnwNP.4UHU-RgAA%262157
Request Chain 623
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
Request Chain 626
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZG33WUCmdsnwNP.4UHU-RgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
Request Chain 627
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
Request Chain 629
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEOSU7I2-8AACBVUGRWWg&expiration=1686137945&gdpr=0
Request Chain 630
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yxKCxpsRgZXQH9DBmxaZwcwTgcPQQITDzRMhX9So
Request Chain 632
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
Request Chain 637
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1
Request Chain 638
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZG33WUCmdsnwNP.4UHU-RgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&google_hm=2
Request Chain 639
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJuNeQIE-sCbuM_Fh0kMXHo&google_cver=1
Request Chain 640
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D
Request Chain 650
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
Request Chain 651
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727906168966
Request Chain 652
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 655
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l
Request Chain 656
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5856040556656650501&gdpr=0&gdpr_consent=
Request Chain 657
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236712137899833488&gdpr=0&gdpr_consent=
Request Chain 659
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFT1NVN0kyLThBQUNCVlVHUldXZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEOSU7I2-8AACBVUGRWWg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEOSU7I2-8AACBVUGRWWg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
Request Chain 660
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ld407ELKX49W5B1_4sBx81ze1BA&gdpr=0&gdpr_consent=
Request Chain 662
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 665
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 666
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Request Chain 668
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FmMoP0kMSw-DrL8khyL5dg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 670
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2184580283
Request Chain 671
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1663283F-490C-4B0F-83AC-BF248722F976 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFmSEVkV25jVkRSTUtSM2E1LWVIRkh1QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4354139647387671599&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 672
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTY2MzI4M0YtNDkwQy00QjBGLTgzQUMtQkYyNDg3MjJGOTc2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 673
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRkuitHRKXo5Z54iiIEXi4&google_cver=1
Request Chain 675
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4354139647387671599
Request Chain 677
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1663283F-490C-4B0F-83AC-BF248722F976&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nB6CgEtE2uUov0c9F5gqw..xxNtZ1co-~A&gdpr=0
Request Chain 679
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559727906168966&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 682
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5856040556656650501
Request Chain 683
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 684
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2f9d9f5a-94d6-48f7-b2a3-50eb1e37d001&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 698
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIs8pEYwv2HZXOoCKTekkUI&google_cver=1&google_push=ATf1kGOQjkIFZ5KWQBPjE9jb_pABVs2DGqpZPmuTX70-OVS8DUeGZX9x01nKlPo91LQe7JNLC7N7sNXRkyHa3AHee12_hgRm-cRR HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o-fSjVUaTWm9N57hKRaJkw2&google_push=ATf1kGOQjkIFZ5KWQBPjE9jb_pABVs2DGqpZPmuTX70-OVS8DUeGZX9x01nKlPo91LQe7JNLC7N7sNXRkyHa3AHee12_hgRm-cRR
Request Chain 699
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOzcOJstxqPnsQPaAAsYbsY&google_cver=1&google_push=ATf1kGMgceA3Xzx9t60tM8-JIJD20Ho3HI7fsyLrsx65qKU_JNVn-z5q_ytSfNEquyMXek_SjJZzNQ6qcqM0nEXjP8hZwD2ZU-vO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGMgceA3Xzx9t60tM8-JIJD20Ho3HI7fsyLrsx65qKU_JNVn-z5q_ytSfNEquyMXek_SjJZzNQ6qcqM0nEXjP8hZwD2ZU-vO
Request Chain 700
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOzcOJstxqPnsQPaAAsYbsY&google_cver=1&google_push=ATf1kGP7SXIwaybAQLlALLufWpnRTvXQHV-24I2cTRPIhT8L37e3XhwwY4SEeV_3rdIXsW9QFQ_ygc6GTflKWE-OI1C6EakTo2dX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGP7SXIwaybAQLlALLufWpnRTvXQHV-24I2cTRPIhT8L37e3XhwwY4SEeV_3rdIXsW9QFQ_ygc6GTflKWE-OI1C6EakTo2dX
Request Chain 701
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKZa-QME6s5-2eiQip3idXw&google_cver=1&google_push=ATf1kGPm1opZ5RyfP84YSh1vRjOPSv3VrMN8QL2YMlQKgyyxYM7UFqpDUhSUIel5TeyvKmfAB2Maf1ERVXQz67MNLn2wGtp-bqe3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPm1opZ5RyfP84YSh1vRjOPSv3VrMN8QL2YMlQKgyyxYM7UFqpDUhSUIel5TeyvKmfAB2Maf1ERVXQz67MNLn2wGtp-bqe3%26google_hm%3DA0EjdzHdZ0xetC-3KDN6M5I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPm1opZ5RyfP84YSh1vRjOPSv3VrMN8QL2YMlQKgyyxYM7UFqpDUhSUIel5TeyvKmfAB2Maf1ERVXQz67MNLn2wGtp-bqe3&google_hm=A0EjdzHdZ0xetC-3KDN6M5I
Request Chain 702
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDq2jxwPnq6klZN3t5Q7ljQ&google_cver=1&google_push=ATf1kGNbo5IzA3DfVpCk_hGrGH7cEQUjoqwL3n0R-TMKknILeb6n-4rkgeoi7Hp1VUY61mdk2jVEWy3pUq5gqinZfTZVhMMVlAd_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D&google_gid=CAESEDq2jxwPnq6klZN3t5Q7ljQ&google_cver=1&google_push=ATf1kGNbo5IzA3DfVpCk_hGrGH7cEQUjoqwL3n0R-TMKknILeb6n-4rkgeoi7Hp1VUY61mdk2jVEWy3pUq5gqinZfTZVhMMVlAd_
Request Chain 703
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEj2nBYW-bfgDS0LCLFI5XI&google_cver=1&google_push=ATf1kGNRoYFGWkVrpj3WjXkEAe99vLV8uqpWBEsElEolIqCG1gHNgQWKw2UDegPNQiNGHc4maSeTMEcWs2tzZRydDBVYPpx67VknaQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=59d8d7a1-b30d-4117-b1d3-268fc6501b02&%%GOOGLE_PUSH_PAIR%%
Request Chain 730
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
Request Chain 731
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 732
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
Request Chain 733
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Request Chain 734
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
Request Chain 740
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 744
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dzem%26refUrl%3D%26vid%3D49283482043279299430715216000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283482043279299430715216000V10&ovsid=__ZUID__
Request Chain 745
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=orSuJq5Dl1WqZ7hV3hV0&pi=medianet&tc=1
Request Chain 751
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qgx3nxk5xz5x
Request Chain 752
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjhWShRRVVVXMTgjg%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DF1rNcAsvjhWShRRVVVXMTgjg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhWShRRVVVXMTgjg&gdpr=0&gdpr_consent=
Request Chain 754
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=584360697
Request Chain 755
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:09247A3C1567485EB0C6C88506C52083&gdpr=0&gdpr_consent=
Request Chain 758
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1663283F-490C-4B0F-83AC-BF248722F976&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1663283F-490C-4B0F-83AC-BF248722F976&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 759
  • https://pixel.onaudience.com/?partner=214&mapped=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4354139647387671599&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=cb48b995552f7aca HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28757ca2-3178-4197-7236-6b7e2b6ae413&reqId=809fd480-824e-4a38-594f-108cb618385e&zcluid=cb48b995552f7aca&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBqLV7YpGjqq4LZepKu6qCw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28757ca2-3178-4197-7236-6b7e2b6ae413&reqId=809fd480-824e-4a38-594f-108cb618385e&zcluid=cb48b995552f7aca&zdid=1332

742 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vip-iugu.com/
Redirect Chain
  • http://vip-iugu.com/
  • https://vip-iugu.com/
634 KB
135 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.154.115.30 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.115.154.104.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
24962b03bd70f96a56853729353fba38e4c600a7706cab55604ec3a5df04482d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:01 GMT
ETag
W/"646c1b56-9e742"
Last-Modified
Tue, 23 May 2023 01:48:06 GMT
Server
nginx/1.18.0
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:01 GMT
Location
https://vip-iugu.com/
Server
nginx/1.18.0
cwc.es5.js
cdn.taboola.com/scripts/ 		743 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cwc.es5.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
IYbtgS7TGj76rfUv8k6SvppRdu.fLwnH
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
NMWX1XHP1HBWWEEJ
age
9375
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
405
x-amz-id-2
1oKRRXw/+MyzGpufRxOjI8vINqy+JBkQrYtJ/tjbwSer2q1pp1ig9doycPcX6oCYlEt/hPdCLao=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Mon, 18 Jul 2022 11:56:22 GMT
server
AmazonS3
x-timer
S1684928342.099665,VS0,VE0
etag
"c7297e1aade4377754403b305af75d61"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
6249
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
3BQVATR3PNDQADMA
age
20852
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
Y9o4BL9mxezMsF8lXJGpwRjBTWp8Hl3t9z2bCwGZghuBrJkulWA+OH8nu0xXazUv+yM706I9USk=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1684928342.099295,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
51687
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
EA70R503RF8Q0J0Q
age
15796
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
TCh2FE2JRIrxe21GFwwf3GsiM++m4jvP6sEy4mOCShrlxuwi2QrLUJVj+w5y2U9714Tq2KGncUU=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1684928342.281381,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
62240
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
GMK80JFW7ZJE2CVK
age
780
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
QGR/V2g8IL4WcGTYZt4cQKDoYiQKNnIpTm3QZvgvvo+tCRyUlSn5+O8gQciIIjFRSac0jK8+l4I=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1684928342.406595,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4203
spa-detector.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f179a27df8ba6a329b5d7c0bb35ec7a5dc75808e606e5c51a625fa5f0caba4e0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
0nPAEJ9Z2zC.y7bwkHkmkADUQTKGsK_X
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
0EEY3315CZT91EVY
age
95824
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
809
x-amz-id-2
oVydWhWT16Olkqr5uew/g2f1TOB5rtWOQ4ysgriGfyJwoq5FWXN58uVmBan44bkWJFNCn+l8Gxc=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:01:58 GMT
server
AmazonS3
x-timer
S1684928343.513645,VS0,VE0
etag
"5ed32fcaa4c6b4287ec2ddbe4e497cc7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7
explore-more.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e228aaa5baaa5f1355e4959ed4d934bf4e810b9f4d644705a2e3b8a6cf9f007e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Uz4HX.gg3quuaqPdp38M0GCzNVd8VzOZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
N47BZZ7MHBJ84D8M
age
95843
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8146
x-amz-id-2
obDdc5cLJOhzUNyh7UwMsuBH1KwJ+AsOssTbIVPmGBbzw6C+QiO5DEhYYIGkJqRzYiKUhuzSPFk=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:01:39 GMT
server
AmazonS3
x-timer
S1684928343.518372,VS0,VE1
etag
"309ff8b629a071ecce7263b16215e915"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1
userx.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6949875088ed0d2124b4d8d8c0b6669d24fad9bb395e7276445763cad60fa765

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
JUAR2RxrNyy.zVrj9_0MJXnd6.yRLYS3
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
0F3GGF42Y1H019K7
age
95812
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
1psFo0zyyNW9iTw+gXYTLvzjkHcOUK/XXyyHgOkxWObiIaVwUakVQt/mNxGIDDlBH/Mn+GJ0DQM=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:02:10 GMT
server
AmazonS3
x-timer
S1684928343.518557,VS0,VE0
etag
"789cbabbedd5b6fff1cf70d505826194"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4309
share-buttons-detection.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		1 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/share-buttons-detection.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c15ee42da2aebb471fec6c5426bbcd95c87ea87a6ed81f23eed2e5a773614bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
EGhnbEPYKvapHJR3u3eB2FRD3O1lGdrG
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
V8AKVZ75ZRMWBWNA
age
95827
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
679
x-amz-id-2
oUoAffAm+Im3SitXyy03y0BWGc53JlmLl3pkgnQhjGvK/W42DZKBJLBM88hgW/V43qK2pOw5j44=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:01:55 GMT
server
AmazonS3
x-timer
S1684928343.518705,VS0,VE0
etag
"ba3ecbf1f5241e4683e4d41881f6133a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6
article-detection.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bee73f396d87abedb349269d1742aee9993b3afa26a42a9be8d8732f11fc94a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
x3qVOGnvPxLrCVQh5Q1gOn7uwESxAeyL
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
YD2KY5CQQ2XQVSXN
age
95853
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
mnPCwJSF6CLM77abkWcheVeVLMo1UXObfMDHvthGZ8+TiFdTaZ1JnUUKgX4o7PlHEdXgLBYYQeY=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:01:29 GMT
server
AmazonS3
x-timer
S1684928343.518693,VS0,VE0
etag
"64a860140642bd1f46ccf4d321218a89"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15385
distance-from-article.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89f767a4440e78be31cf23757ec3eec8f3c7d133a1af3dd787e6bc45e9bcb3e4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
vB_qsgb4B24gq2CCXCUjhHqdiYWUCgtt
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
160RKKDC885NP9VW
age
95847
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1135
x-amz-id-2
lNlGwhrtokMoEIu69XtwDqUsO/1hqNITEQGITAM2BkNoyH3u7OfhAtrIoK0neQfQcq+S5DP8nFk=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:01:36 GMT
server
AmazonS3
x-timer
S1684928343.519303,VS0,VE0
etag
"f729db76f7ef98d4acc97bfdfa684bb2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13533
feed-card-placeholder.20230522-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230522-8-RELEASE.es6.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c9b8157135bbffc8999f48e73a1814c222b1ea675e99ccd45e4f970b255f7bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
CcxbJPTntxVrjPSYWXtRqGKh2VsF6.Nb
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
TVRH9FPJKXP3N212
age
95841
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
In4KVats0uIpJJDxHAVf6he7sJ1ka4oalyjWF06UJeR2awAew9mtaXZLUHoNPz0qxk4ktELTiQg=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Tue, 23 May 2023 09:01:41 GMT
server
AmazonS3
x-timer
S1684928343.519313,VS0,VE0
etag
"e038dc1df19d303a070713af93e3dfef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12998
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
317233
expires
60
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl_page_level_ads.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 03:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
27729
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12848
x-xss-protection
0
server
cafe
etag
13833340073225968366
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 23 May 2024 03:56:53 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:26:49 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
last-modified
Mon, 22 May 2023 19:17:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
734
x-amz-server-side-encryption
AES256
etag
W/"d18b57a80b57082ffb531a2e077b3016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Dw0piG2l9P5Nr0oEDMICBK3NzAZ8KSsx5jqD3Q8eAJu100Ktnv6TEg==
cookie.js
partner.googleadservices.com/gampad/ 		387 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fdr.com.br&callback=_gfp_s_&client=ca-pub-8538744060850645
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a92a8a622a12b061f10be9979c811e8fa03fb55b60ade429c2b524bda454f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ilabspush.min.js
cdn.pn.vg/push/ 		186 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f892a337d2c62d9aa57e67273fdacbb8cf297f4827a30cf0b0fc7a5cc302f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P1
age
2097
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 May 2023 17:58:18 GMT
server
cloudflare
etag
W/"a031677d010b93a38a1306e1ba30e9b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb5BD%2FQ%2BcRpraLA6EBl%2FmQUBSDf6LnuWuwjZ92n3M%2FdFvZQye3EGJrcf6tAEBQ%2BgDATLLGWMNl7eE2M5sH66aD7ltG1Zd7dGbzh5KJTlM%2FxMZ2g%2BhcjlCYimcsMcPJ5Mt6lUJFGl410%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
7cc5417cc8962a38-CDG
x-amz-cf-id
cQllE2c6LABHrr5A0V3tVy1cvmTOQhKQvvVYDN0pL7SEZn0vGT61sQ==
impl.20230522-8-RELEASE.js
cdn.taboola.com/libtrc/ 		765 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230522-8-RELEASE.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6b997268b2fd895bbf751e7c61a0a5a99f8d0cf214b10f569a766c8b084abb77

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
weajWkcWHia4vo54gsLNdxuZLsa1gbqS
content-encoding
br
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
BD13PQKMFGW5NTB2
age
5209
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162971
x-amz-id-2
4mRXx1vLQRcaaw6LWouNIqKZBaL3bpdlStJd85chZbnrgFztwXVwz1ru971foj09wY7eNAPxc6E=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Mon, 22 May 2023 10:11:21 GMT
server
AmazonS3-br
x-timer
S1684928342.099112,VS0,VE1
etag
"e97d16f14c839eee579664b67a12d019"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1
load.js
widget.perfectmarket.com/gridmidia-network/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/gridmidia-network/load.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
842a5cb99887196f73dd5c03ac73a62830394e84ef6dc1b1bb90f7f4a060dfdd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
JnoUP_EMR2JjFyQvm1nWtC1L18v4YBFk
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
AX9ACDKTPD4YF072
age
189
x-cache
HIT, HIT
content-length
1187
x-amz-id-2
yNgnfhI16CUcGzxfgrOeKKogdX5sSOGSvwAHbxsCoJb1r4XB0qWXAtWyOKoEN6B1JNFbqiPvbSs=
x-served-by
cache-bur-kbur8200130-BUR, cache-lcy-eglc8600026-LCY
last-modified
Thu, 27 Apr 2023 09:58:48 GMT
server
AmazonS3
x-timer
S1684928343.558581,VS0,VE1
etag
"34281e19fba9e517ae555c6a6175965b"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2018, 1
303595464447727
connect.facebook.net/signals/config/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/303595464447727?v=2.9.104&r=stable
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb3c5e7f893bbec614c6800abfd0f97c0aa850b14203ade50dad371a0813d64b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 May 2023 11:39:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4UjcVJBRv1mkdOMz/im2Zc6TuTtcBx7ikPq2g86kghEeHS4hstrd+43QBd8y9zR7KycPHdi/+JiDpv4ZJTCfjA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/pt_BR/ 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=12c90a183ffcdd4e63adc9e8896339d3
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
467f464aa1d74d2d34b4302688afcb79b9f61af29ddfba79bd470c5e8e2ba6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 11:39:02 GMT
content-md5
koWmJ3X7+LY/af2Y679Xww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87206
x-fb-rlafr
0
x-fb-debug
1DfYLyhRMc0MQ5SCvZcNTOsuRd9x67MrTaItvYJCiZWmbRj85QGTMHrbxtL1R8M/xu0nfbJQPF2mGo76D56Jtg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
b775ef43a051e0c1477ae10e99137b0b
cross-origin-opener-policy
same-origin-allow-popups
etag
"c38cdefe39180186042fbd097b45fa1c"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 21 May 2024 21:52:40 GMT
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 		410 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__pt_br.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cae4aa55cc31f90e6cfa65cbed6cccbe0a0f78af9d863b3fb48372e5623c5a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 17:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167750
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 17:06:16 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 10:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3808
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 24 May 2023 12:35:34 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
38d689e593eeb507774fc1a7509b206ba316e17a26add68c8129c99afd38c8cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 11:39:02 GMT
content-md5
pWN0QHbZDb4sUQ4B2cJ6vg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
esWkqCeVUtkEmSBKa+Gi/0rKjMdKyCCGGHsV9Vb/25yvcQfDs5rB5W0Oy83SY0miIKJ210EEly+C3/y/pHkZUQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
7e2cada209bb71150d23026e3db956af
cross-origin-opener-policy
same-origin-allow-popups
etag
"c1a1f864e4ff4279d53859a7f187fd63"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 24 May 2023 11:58:18 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
6D35AXC8Y3E1ZBP2
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
Cg4kewsJRfwBw7D0XdU0NA7ARozd6bprJPQvP+yanejbqQ0CJq/4HgG1SP02gnrj6B3jwr687no=
tag
a.teads.tv/page/128515/ 		824 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/128515/tag
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
30d6619f78dc4b5e77d9efc395852bb97a648678751792b3ad518eb1931254ae

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
499
expires
Wed, 24 May 2023 12:39:02 GMT
f757e01b-c7ab-48ac-9399-494e0609adc8.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/f757e01b-c7ab-48ac-9399-494e0609adc8.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b910e4605789c3746de76c0a3188e2d4452da933999a0ddbb7769fa6178c629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 33c6e91bdc193e34e8dcc80edc466018.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MRS52-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 06 Dec 2022 18:50:34 GMT
server
cloudflare
etag
W/"0b9e12c1ddf60e95a54787956877407e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOywRrcBgoQRmKab2SOaplgXNOv2UAn77zjkof8S7xZniMJGasABwWgSI9GOVJEHwtIzLmDwR5mxpykOwSeJBPWxluSyeRykHPnJvagySnRdeGE0xeW7a%2FkwQWz4H1yDuHICko0X7XA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7cc5417cc8982a38-CDG
x-amz-cf-id
HvfBzPDABEoaCEUK3FMka6AssqNIiGyUbIjU5eoycn7lTKgq2p2KTQ==
loader.js
cdn.taboola.com/libtrc/gridmidia-network/ 		599 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gridmidia-network/loader.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b2ad9bc6a935c50ac7b53254616ff80c96fc2630206f855284744db8ab1514b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
PReTIKjq5uGrhYv7JSXcwdBlaanG27W_
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
RMAY5AJBSJ6BEGEY
age
6024
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
55962
x-amz-id-2
foWNkv318nt3RjmaQRqat72r2+DW+4RFiQmER6rW+aPy4QbLzXdEx8BAzBG5ilwCOkKjAF3WpYw=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Wed, 24 May 2023 09:53:07 GMT
server
AmazonS3
x-timer
S1684928343.520185,VS0,VE2
etag
"3f8a63a5dd9e202c1218eb5bd129f244"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 May 2023 11:39:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27497
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1+N2jljM9tjb7V9vJVbRCSVO9eXnfWFNB1K3lEp7gV8evEzFFbr4k4xJEFs2RpV1xlDD0PdTpr5smDUvBuJMcQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128061848484930
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f72beeb43a71e524d75f29e9ff3c6ef5ad1451f38ccfd5d9e46d01c5fbba8a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47187
x-xss-protection
0
server
cafe
etag
2636930961791291932
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:02 GMT
api.js
www.google.com/recaptcha/ 		965 B
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onLoadaf6609fc4046610fdecfa5c85ac73994&render=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
04dde1b786e920066e73005aaf94f863e48ed73ced66f800d111d245ff41495d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
1; mode=block
expires
Wed, 24 May 2023 11:39:03 GMT
bootstrap
recomendador.gridmidia.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recomendador.gridmidia.com/bootstrap?site=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.23
Resource Hash
5b4a610893f73da973010d78218696a6a80797be69a9061825e7a55f3a980d7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.23
vary
negotiate,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hb%2BcCl%2BvW5aWq5x%2B%2BV%2BT9zZspN0Yw6e34q6uqD1iWUd7E0PfvlHdgqMdE2J5yVKviLaIVcb1r2qBT%2Br0ccW9brfxXAJmbr8QKDsltUYE37U97Q788BK3ZSjRti0ZIoD9IopFJfRnrlVlLdVVMOcTznxcnsjkUrzmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
max-age: 7200, s-maxage=43200
tcn
choice
content-location
bootstrap.php
cf-ray
7cc5417fcebd3cb9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-generated-timestamp
2023-05-24T08:39:03-03:00
grid_aps_ads.js
ads.gridmidia.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.gridmidia.com/grid_aps_ads.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37142b39db74012425f59610a682b625d2ffb3198a9c123a3c38680f5b0aa35

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 05:25:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
195218
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftldkGdUX1%2B5NxFNZKUXX6339PpcoylptIWZWr8gQ4sLnZOupCSy79LfCYxSwefHYC8Q1LbHllj6%2FKne5NWhPVe99YL9%2Fc1PCnKlpYedTBSxwnkuXn76kDzHRyn84xZz6BojAp4uRduX23RTPAQmSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=302400, s-max-age=604800
cf-ray
7cc5417fc9fa0288-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid.js
ads.gridmidia.com/ 		263 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.gridmidia.com/prebid.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda3d373f6f5b5aa2fc5b844e2b9a55be0eac547e884ce4b76c09a8418580c8e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 05:09:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
196184
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EigdCvt7drPBx6MG42%2FaWQ%2FwRl6dh3PE4nhfYeWEuMHdG4V9%2FCUBKb%2Biv20ioQrdTrpCzXi%2FPOyoLEf8%2FGl6Hy8qP0xtvOja0kWyPhDTLFBmiLth7IVPQzQOLMYFljZ2kjt1%2B3zEk8Z4xxbi7dRoGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=302400, s-max-age=604800
cf-ray
7cc5417fca000288-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44acd3576631e31b8f44edad85eb0ca040551af63e719c4245f8dc65c575013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25309
x-xss-protection
0
server
cafe
etag
803 / 19501 / m202305180101 / config-hash: 11214031862051598875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:02 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 		354 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_fy2021.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f17ead3ea5041e6df9d9634dd9673569dbd4707013c96f94aec224de222e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122570
x-xss-protection
0
server
cafe
etag
4495007944852152
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:02 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z3Y9B77KYR&l=dataLayer&cx=c
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31973ee663aa6f8fe440e31c7ed3aa3721686455fd22f3282f11812036107ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80525
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 May 2023 11:39:03 GMT
gtm.js
www.googletagmanager.com/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHKNJGH
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2572d71f4a5192ebdc1a4b3377c65823c2127cb5c71bb58f9b6073280ed80080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50342
x-xss-protection
0
last-modified
Wed, 24 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 May 2023 11:39:03 GMT
gtm.js
www.googletagmanager.com/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=G-DP66X1YLVK
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1b3e4f25c362d4374f2460b23eef70652f51fb3c5fa86b8dd1c03c09f519514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80171
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 May 2023 11:39:03 GMT
t3m.js
tags.t.tailtarget.com/ 		305 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10969-0/CT-411
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6988d1a2ac4e6b0249a9c9a38b1c9e89dffb5b1477d8e1979e2432e661225f78

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 10:15:40 GMT
content-encoding
gzip
via
1.1 google
age
5003
x-guploader-uploadid
ADPycdva1rtR4HWm7-urnFooK7kw-75VWRqyAhTBlJZXNS7_0xLU6jSM1_mNs4AAmsto8I8rkzeRAJTrP8YQXQ7phRgtQQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26745
last-modified
Mon, 15 May 2023 18:25:08 GMT
server
nginx/1.8.1
etag
"88530d19946f0e78b5cabfbe1484b21e"
vary
Accept-Encoding
x-goog-generation
1684175108353659
x-goog-hash
md5=iFMNGZRvDni1yr++FISyHg==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
26745
accept-ranges
bytes
expires
Wed, 24 May 2023 12:15:40 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 02:53:12 GMT
content-encoding
gzip
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
37487
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
K5_yDVWyiAwLpczsdAHxxQ7FLjffI3wYapevTvVRkwX1kOmUOhzfjQ==
7e9c4ae4512236532cdf39f98e45170c.css
fdr.com.br/wp-content/cache/min/1/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/7e9c4ae4512236532cdf39f98e45170c.css
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
513d61d3007c8f6d35a4321beea67fbab2d4d64c9ad9d80bd6f0edbfa733926c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:26 GMT
server
nginx/1.23.1
etag
W/"646538ea-12182"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:58 GMT
ratemypost.ttf
fdr.com.br/wp-content/plugins/rate-my-post/public/css/fonts/ 		0
0
proxima_nova_bold-webfont.woff2
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
proxima_nova_bold-webfont.woff
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
roboto-regular-webfont.woff2
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
roboto-regular-webfont.woff
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
roboto-bold-webfont.woff2
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
roboto-bold-webfont.woff
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123025
x-xss-protection
0
expires
Wed, 24 May 2023 11:39:05 GMT
api.js
www.gstatic.com/readaloud/player/web/api/js/ 		461 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/readaloud/player/web/api/js/api.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63c7b95576f35b85b95a5a40b0a5c1ad33dc31ebed1917afe2e1c6667a12282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 10:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161285
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 08:21:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="speakr"
vary
Accept-Encoding
report-to
{"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 24 May 2023 11:45:24 GMT
js
www.googletagmanager.com/gtag/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11458372-19
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f7ea7ccaa39b1b85704f05b54e7ddd09a0b70a1b48cc0b4ef06664aa5c6fa75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46655
x-xss-protection
0
last-modified
Wed, 24 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 May 2023 11:39:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8538744060850645
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dc10baf81aaa5882d22a2af7063b6a28c6992c2ed2e26de0851a23a18d1baee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47183
x-xss-protection
0
server
cafe
etag
814121776315684500
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:02 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 		407 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 07:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
13943
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128419
x-xss-protection
0
server
cafe
etag
9945815184239927542
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 23 May 2024 07:46:39 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		600 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
142c015055316ec61082ceb38ff7b6862fe4e90069e0df0f510082f1b50bfcc8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
last-modified
Wed, 24 May 2023 09:03:07 GMT
x-amz-request-id
1K0C38V90T2TZY6S
etag
"78c39920cedbcf8c296b7fb019813d4f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
d
accept-ranges
bytes
content-length
133910
x-amz-id-2
w6IDwAHadrmEqYQfQ853+avd3U0o6LksnwkU6jdHgWJ/qObptPTcs19GUD0BZVjZ3FIaZiYjNbA=
expires
Wed, 24 May 2023 12:09:03 GMT
integrator.js
adservice.google.com.br/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.br/adsid/integrator.js?domain=fdr.com.br
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fdr.com.br
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:29:25 GMT
content-encoding
gzip
age
346177
x-guploader-uploadid
ADPycdtnFX3mIIUnjOKB31rKkAS2R8f4Sr5tvPvUWqrVG-4rsgtv5UGqwyQa4pOrxxSCkAsg2sQ5R9ORGXMYsCqwTrxd-Hb47YRj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 19 May 2024 11:29:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 May 2023 11:39:02 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 May 2023 11:39:02 GMT
x-content-type-options
nosniff
content-encoding
br
age
1176
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-lcy-eglc8600031-LCY
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
N6SJCSCN213BFX7P
age
2323
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cc5417ae8a1d6c6-CDG
x-amz-id-2
PN1IvmZmBRkeRev5P1RLtoMoozxa9eQElnYZOhNdQt7bHaFR4+5mjj1P6CMeYKj3dERNNzRAitQy09qBJWb98g==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 10:50:58 GMT
via
1.1 google
age
2884
x-guploader-uploadid
ADPycdvfovjaG98nw_5KLAsyTSU7Cr8JV6ZxNY2Gm9ZTU1qebPsnqQ2B-kZcpYvt9jo-6TZbZVyyIhuiZtf-uXwDc9lHdmX5o0nj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Wed, 24 May 2023 11:50:58 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 05:55:31 GMT
content-encoding
gzip
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
23655
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
pJxhDYyRnM0lMQl4JZZs0rAFQc2qeOoVTh54yR97Fb1yk58awxnOEw==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:a000:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 02:36:56 GMT
Via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
32527
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
_QSNrMN-jUqLmdluuHWwPXzAlAlsbBhYDGJUrNtu4SfCfvd2IIyjpA==
pmk-20220605.2.js
pm-widget.taboola.com/gridmidia-network/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/gridmidia-network/pmk-20220605.2.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e2b7210d5e0c160cc0293f1412fb8f3aa670dcb4609826fd3516d709b4e12a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Tfn3VWYDsk11pFXtnOTPiv3MSWfqSgNa
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 24 May 2023 11:39:03 GMT
x-amz-request-id
QCH63SS4SN4TNYQQ
age
702303
x-cache
HIT, HIT
content-length
30042
x-amz-id-2
6DVFrN37Wqgdc1N+A5Sv57nONnoq8JswncwNu7q+SPpRAb37weqIp7Jcc3mca1YdaFaUM4Pyhxg=
x-served-by
cache-bur-kbur8200079-BUR, cache-lcy-eglc8600041-LCY
last-modified
Thu, 27 Apr 2023 09:58:47 GMT
server
AmazonS3
x-timer
S1684928343.033422,VS0,VE1
etag
"eaa0afbfb959f681a39cfa78570e8421"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1274, 1
PushnewsSubscriptionSDK.js
cdn.pn.vg/push/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a527 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 5402e178a9a12e26b4a64f83dfd20d10.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG50-C2
age
1024
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 May 2023 17:43:50 GMT
server
cloudflare
etag
W/"d83660b1645b3c67ae586e71ccd92e33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4U1vbXi38U5gd2ySRJ3V4H31kgzZWbgtzgO0AIDsHcXCE51zK97JWRpDw7AciCdp5qPDc6supMW5fL5mdIfXznvjazMgvRWY3u22drsig1i%2BiVYj0X5tKUk10HHhNl5mUrV%2FYynFRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
7cc5417aeebf2a38-CDG
x-amz-cf-id
l7UBbTjeK3cMHuTGrrSQM7LO6mx4vqi30vmzpmgMzr3npLCyAfTYFQ==
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/132128.328.0/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/132128.328.0/UnitFeedManagerDesktop.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be95fcfef8b782ee5f2f61a4adf5bb27d8139812d7640137e1f8f12d41a4073b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 b3d26bb0853726fb30b0576bc254ef10.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LHR50-P1
age
1941585
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
31019
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Wed, 29 Mar 2023 13:57:28 GMT
server
AmazonS3
x-timer
S1684928342.168667,VS0,VE0
etag
"5f6b2fb433978f2d58314fde76eba0f6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
4cgNysE2JhyXHEhX1zGjh_ZpNayYUpHKwn3bCZc4c3MQvTWZOW3oug==
x-cache-hits
2381
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/131781_256/infra/ 		890 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/131781_256/infra/cmTagFEED_MANAGER.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f7dac3af3c01cb6b74ccf5cd9d195a76fd90acfe304caecf5c3c6e1f66f5f93e

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1679929932
date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
4QGXZAH55DSYCD54
age
2365642
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1679929932
x-amz-meta-mode
33188
content-length
150294
x-amz-id-2
/84COTTNem84EwyAB4nsbafIQlqWnUiBvKzgk7o/WwiiRgAsyl6uA4sq+Ouyq2OzybYTE8lvW80=
x-served-by
cache-lcy-eglc8600037-LCY
last-modified
Mon, 27 Mar 2023 15:12:13 GMT
server
AmazonS3-br
x-timer
S1684928342.208797,VS0,VE1
etag
"1dfff0d9a8eb187c2a86abab0d62c841"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
cmOsUnit.css
vidstat.taboola.com/vpaid/units/131781_256/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/131781_256/assets/css/cmOsUnit.css
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1679929949
date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M5NZBW6YXRA8E0R5
age
2406275
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1679929950
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
0rRX70MuY1xQl9s2PEyhe0UOaB63HkRr3u/z3UOXZGHo6BvZO9jwKDmPWgT7A8IB+5uQsh89gao=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Mon, 27 Mar 2023 15:12:31 GMT
server
AmazonS3-br
x-timer
S1684928342.169260,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
127884
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.9/ 		437 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.9/OvaMediaPlayer.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
3313b515f9e3a017f08aa623d6cd9f0782bc7e8954f3eede67830f890129800a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1684659665
date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
MXDZW12FR1TTC15R
age
268598
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1684659678
x-amz-meta-mode
33188
content-length
84387
x-amz-id-2
3aK6ydJsrwv31D0UzSbi+pc1KFav2MxP87ok39GdYE4WOHkiI4TpCtnSm44BaHG/LqdWOImJNws=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Sun, 21 May 2023 09:01:19 GMT
server
AmazonS3-br
x-timer
S1684928343.520054,VS0,VE5
etag
"95bbcd59ca45484a25ac08641b1056e4"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-mt-cache
HIT
strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 11:39:02 GMT
x-cdnterra-cache-status
STALE
content-length
2774
last-modified
Tue, 24 Jan 2023 18:51:52 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
117596141_315265633157406_1682822696226249894_n-75x75.jpg
fdr.com.br/wp-content/uploads/2023/04/ 		1006 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdr.com.br/wp-content/uploads/2023/04/117596141_315265633157406_1682822696226249894_n-75x75.jpg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 / PHP/7.4.30
Resource Hash
bad27054e5563d02112308b1faa84bb5e523e070e7a57ba728de6a497090c0bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
server
nginx/1.23.1
x-powered-by
PHP/7.4.30
content-type
image/webp
data2-cache-status
EXPIRED
data2-cdn
DATA2-BR-2
cache-control
max-age=315360000
accept-webp
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
economia-financas-dinheiro-real-brasil-fdr-8-750x406.jpg
fdr.com.br/wp-content/uploads/2023/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdr.com.br/wp-content/uploads/2023/01/economia-financas-dinheiro-real-brasil-fdr-8-750x406.jpg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 / PHP/7.4.30
Resource Hash
6fca3e3dccdb6cdcf4177cf62a6beb6f7f7c3824082b90d9791936386bf5d4a3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
server
nginx/1.23.1
x-powered-by
PHP/7.4.30
content-type
image/webp
data2-cache-status
EXPIRED
data2-cdn
DATA2-BR-2
cache-control
max-age=315360000
accept-webp
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazysizes.min.js
fdr.com.br/wp-content/plugins/ewww-image-optimizer/includes/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Mon, 06 Feb 2023 15:29:24 GMT
server
nginx/1.23.1
etag
W/"63e11cd4-3860"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:24 GMT
jquery.min.js
fdr.com.br/wp-content/themes/fdr/assets/scripts/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/themes/fdr/assets/scripts/jquery.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
7cd7b7e44c8f9f5f4b9e6c9d6302de0f5b373a8c37c7c5dccefe42e50722ef42

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 20:33:48 GMT
server
nginx/1.23.1
etag
W/"62e04fac-15be7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:28 GMT
rate-my-post.js
fdr.com.br/wp-content/cache/min/1/wp-content/plugins/rate-my-post/public/js/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=1684355305
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
9ec1b65aaae35a1466449c4da2ba06ebb3ed9512fedb64dae7e55cae7f16d4f2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:25 GMT
server
nginx/1.23.1
etag
W/"646538e9-5f95"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:28 GMT
jquery.auto-complete.min.js
fdr.com.br/wp-content/cache/min/1/ajax/libs/jquery-autocomplete/1.0.7/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/ajax/libs/jquery-autocomplete/1.0.7/jquery.auto-complete.min.js?ver=1684355305
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
d98a829a816ae5c0f4d89d95b56bcf31d2ea90d6a6a49c48f13c8f8dd0620563

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:25 GMT
server
nginx/1.23.1
etag
W/"646538e9-f03"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:28 GMT
comparative.js
fdr.com.br/wp-content/cache/min/1/wp-content/plugins/comparador/js/ 		3 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/wp-content/plugins/comparador/js/comparative.js?ver=1684355305
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
92969b8a231bd4bf6b2759595bab52a1a3a841ea99d5b31cd18fafef62938914

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:25 GMT
server
nginx/1.23.1
etag
W/"646538e9-bd0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:28 GMT
lazysizes.js
fdr.com.br/wp-content/cache/min/1/wp-content/themes/fdr/assets/scripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/wp-content/themes/fdr/assets/scripts/lazysizes.js?ver=1684355305
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
ea9c86be74ab4655f4a7b95e53f82c3b89ec26922cda252e7e7a4d997de4bb70

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:25 GMT
server
nginx/1.23.1
etag
W/"646538e9-1bfe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:34:13 GMT
scripts.js
fdr.com.br/wp-content/cache/min/1/wp-content/themes/fdr/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/wp-content/themes/fdr/assets/scripts/scripts.js?ver=1684355305
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
745456eb15b130594bafc8415421d95b16f60e2d25311443fd348e560576d382

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:25 GMT
server
nginx/1.23.1
etag
W/"646538e9-96d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:28 GMT
close.png
fdr.com.br/wp-content/plugins/modal-link/assets/img/ 		194 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdr.com.br/wp-content/plugins/modal-link/assets/img/close.png
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 / PHP/7.4.30
Resource Hash
59816f4c296172650ee886e65e74879fc9df50e783f22825c67d71495a1f3aed

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
server
nginx/1.23.1
x-powered-by
PHP/7.4.30
content-type
image/webp
data2-cache-status
HIT
data2-cdn
DATA2-BR-2
cache-control
max-age=315360000
accept-webp
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
13-salario-do-bpc.jpg
fdr.com.br/wp-content/uploads/2023/05/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdr.com.br/wp-content/uploads/2023/05/13-salario-do-bpc.jpg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 / PHP/7.4.30
Resource Hash
36e56551608c3f638639a589103f8d010a881c31415be286e6672e2464cc9432

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
server
nginx/1.23.1
x-powered-by
PHP/7.4.30
content-type
image/webp
data2-cache-status
EXPIRED
data2-cdn
DATA2-BR-2
cache-control
max-age=315360000
accept-webp
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie.js
fdr.com.br/wp-content/cache/min/1/wp-content/plugins/modal-link/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/cache/min/1/wp-content/plugins/modal-link/assets/js/cookie.js?ver=1684355305
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
88c25d1f75182f31a3d1dddec61ec22ffff989cbf09c8b845428701df8276e28

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 20:28:25 GMT
server
nginx/1.23.1
etag
W/"646538e9-68f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:28 GMT
front.min.js
fdr.com.br/wp-content/plugins/modal-link/assets/js/ 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/plugins/modal-link/assets/js/front.min.js?time=1684806457
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
15cce92df3d3ac619f069cb81a99928e863a5d649b59cfa1eed8846cf4efe025

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 13:36:04 GMT
server
nginx/1.23.1
etag
W/"632b1344-516"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
MISS
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:39:02 GMT
metrics.js
www.terra.com.br/globalSTATIC/fe/zaz-app-t360-navbar-partner/_js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.terra.com.br/globalSTATIC/fe/zaz-app-t360-navbar-partner/_js/metrics.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e90435ac3c24ff6afe8197a366adb76938bd5b646793fd69002d1113aa16673f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-mt-cache
HIT
strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 11:39:02 GMT
x-cdnterra-cache-status
HIT
content-length
1111
last-modified
Tue, 14 Mar 2023 20:50:05 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
content-type, x-cache
cache-control
max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Content-Type
script
www.terra.com.br/api/igniter/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.terra.com.br/api/igniter/script?s=t360.navbar.partners&p=absolute&async=true
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
54441e64145a553be7945a2627e939adeeee63fb8e51fd37415b8b7e488afc3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-mt-cache
STALE
strict-transport-security
max-age=15552000
x-http-reason
OK
content-encoding
gzip
x-igniter-uuid
519a8414-b0a1-4f73-8687-cc777cf6b0fd
date
Wed, 24 May 2023 11:39:02 GMT
x-xact-uuid
08cb2519-4053-4808-ae9d-b81c4cb46bff
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-xact-montador-time
1684928240
cache-control
max-age=30, stale-while-revalidate=60, stale-if-error=864000
content-length
1079
lazyload.min.js
fdr.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fdr.com.br/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
content-encoding
gzip
last-modified
Mon, 06 Feb 2023 15:30:18 GMT
server
nginx/1.23.1
etag
W/"63e11d0a-2063"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
data2-cache-status
HIT
data2-cdn
DATA2-BR-1
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
expires
Fri, 23 Jun 2023 11:37:24 GMT
truncated
/ 		339 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba347357d1a19f9c51513dabc215f7d388172b55c1686f55b7d17deda90e0a96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		338 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13b9799c0cd6a23d6f4fdda4397d3b9cf6c44157698616e3e4f6972dd1390b91

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		82 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
293b99a0c3752d64f7d0c79c43811dfdd58bc823a2d60bedd0700ed38a92f09b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
907661444baeb1c086a2e8b3cf766ec1592689ed2c927b5011f13840752f6ab5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		238 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0c69952a16598d69a04bf5c9fc057588c61aee8bfbe38eec8d3e30c054c2fd0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		603 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
769a38b0eea56706a98cbec21c825eac028e372435b9daaa0e56eaf6d8fd06c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.130.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-130-244.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5339348e1162be271a396e08909c4c2eef221f0c5dffc244c966f56e23ca2837

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache
x-server
10.45.30.196
access-control-allow-credentials
true
content-length
60
expires
0
container.html
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE29 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:02 GMT
expires
Thu, 23 May 2024 11:39:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ff55a30c03fbba0a148855dc6c8334bb3c3c4d833519dd7ed78df5ab30465bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		487 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66414882adccf560a7790b4b8993f7d61a6470ad7872c98b1d9ff7d4b26405d6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		566 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
511deaef8f5cc364ceb48f569e6db78230781e766d88740f13ba809bfafd26bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		855 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd91ab6a0bee607b6f6935fccab293c790ea25ce74f8b1bb286495f2960af21d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae3e5f4de112f53bbf78993ef63ca28741c27c57a1a25635af684897f1dd995

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09c7337df56735b2aa57e5be9965b98c920c30e04c4ee84a407cf418cb8c08ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
proxima_nova_bold-webfont.woff2
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
proxima_nova_bold-webfont.woff
fdr.com.br/wp-content/themes/fdr/assets/fonts/ 		0
0
truncated
/ 		134 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d4188bba4f93c903ece2c0b785860cdeec6d8f623552f444fbcb0d796adfb13

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		233 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a4a96faebc23c34fa780d756b631f65adb83e98c06e085b46f32e8c6151c736

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		106 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ea3d7ab54fa61d4a9d0d06c7e8ba153bce5219b4561bc9dabc3bb208953198

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		61 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69dd68a144929065062236a040c3fd8a276c55736a91d532d4542aa0e0e02c80

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		131 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75eff088a3f0aaaab7aaab4785641d106857cb9d2c91b9bdad90503dd7e84749

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a17a893cdbe9148e3b378916284f9712c44c40bf247db4e7ae5053be2ee8cb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
container.html
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8124 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:02 GMT
expires
Thu, 23 May 2024 11:39:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
EASS3G2EATFV2E1E
age
3
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
wBz6g6p7yi9PVgxkR4Q1YNNC8AxWM3VzYyVN9UXQE73QDZ58hknO6Qx2zUQaam+DfX80dpfgL08=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1684928343.656735,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
1
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
13
naom_6378a49aa4166.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/03/naom_6378a49aa4166.jpg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
19c3afe3615504a7cebfecde0c332a28a906449627ac11d87288cd4771708c3a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
79
date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/03/naom_6378a49aa4166.jpg
age
306150
edge-cache-tag
432009725204969492861664960367297524909,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
432009725204969492861664960367297524909,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
197
expiration
expiry-date="Tue, 23 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://fdr.com.br/
content-length
2784
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100077-IAD, cache-iad-kjyo7100140-IAD, cache-lax10679-LGB, cache-iad-kiad7000066-IAD, cache-lcy-eglc8600041-LCY
last-modified
Sat, 22 Apr 2023 23:16:27 GMT
server
nginx
x-timer
S1684928343.048810,VS0,VE79
etag
"ad831bbc03f4f629664566b913a1852d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 varnish
x-amz-request-id
1D8ABR7SQEB3Q5HC
age
9231
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
PLuHq4g7470cdOrMKDIH/jokgfKlCJZD9qMepv2rK9pr4R9jZwWTzgZ/jsU6qGXmzkMAH8eyffc=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1684928343.656852,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
1
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5707
montagem-eleicao-1-3-750x450-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/05/montagem-eleicao-1-3-750x450-1.jpg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7139acb6ecaa8536e69bcb35b1f70ce5b18c5b3efd13a83e075c7c60e4b4d565

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
77
date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/05/montagem-eleicao-1-3-750x450-1.jpg
age
64219
edge-cache-tag
494057587724018454780777108294315296107,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
494057587724018454780777108294315296107,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
222
expiration
expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://vip-iugu.com/
content-length
3368
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200048-IAD, cache-lga21958-LGA, cache-iad-kjyo7100042-IAD, cache-lcy-eglc8600041-LCY
last-modified
Thu, 11 May 2023 17:00:33 GMT
server
nginx
x-timer
S1684928343.049197,VS0,VE77
etag
"fc77296a38b7b7a38162dd62bc16ae28"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 0
luiz-inacio-lula-da-silva-candidato-do-pt-ao-palacio-do-planalto_1_42155.webp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/04/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/04/luiz-inacio-lula-da-silva-candidato-do-pt-ao-palacio-do-planalto_1_42155.webp
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6886142d64d3a0bc2fd133cdf12f1b5b2e30f62e9ea760f3e777ab4ccb9a28f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
78
date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//fdr.com.br/wp-content/uploads/2023/04/luiz-inacio-lula-da-silva-candidato-do-pt-ao-palacio-do-planalto_1_42155.webp
age
68965
edge-cache-tag
448982327305564464094245160000857339331,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
448982327305564464094245160000857339331,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
143
expiration
expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://vip-iugu.com/
content-length
4098
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100073-IAD, cache-iad-kiad7000059-IAD, cache-chi-kigq8000046-CHI, cache-iad-kcgs7200110-IAD, cache-lcy-eglc8600041-LCY
last-modified
Thu, 11 May 2023 20:00:51 GMT
server
nginx
x-timer
S1684928343.063601,VS0,VE78
etag
"6949425efb5a4974ff19fd5feba6e102"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A87 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8538744060850645&output=html&adk=1812271804&adf=3025194257&lmt=1684806457&plat=1%3A1024%2C2%3A1024%2C3%3A2162688%2C4%3A2162688%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&ea=0&pra=5&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEzLjAuNTY3Mi4xMjciLFtdLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMTMuMC41NjcyLjEyNyJdLFsiQ2hyb21pdW0iLCIxMTMuMC41NjcyLjEyNyJdLFsiTm90LUEuQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1684806461648&bpp=3&bdt=2358&idt=2310&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2485162687399&frm=20&pv=2&ga_vid=2095949300.1684806461&ga_sid=1684806464&ga_hid=840685914&ga_fc=1&u_tz=-180&u_his=9&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1017&bih=620&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782468%2C44788441%2C44792645&oid=2&pvsid=3671398093396860&tmod=803941731&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=2697%2C73%2C2697%2C73%2C2560%2C0%2C1050%2C708%2C1034%2C620&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2330
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame F035 		51 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
baa9aabc4731dfe005b8c4327b460a3806c93494e87ce1f70686617f2c9ce2ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wcSuVCB2iHw6i88XbBGBOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28902
content-security-policy
script-src 'report-sample' 'nonce-wcSuVCB2iHw6i88XbBGBOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
impl.20230524-4-RELEASE.js
cdn.taboola.com/libtrc/ 		765 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gridmidia-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
60bff1f3d1652febff5190c494944d027b4239d3d030d189763a8e923d8d40a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
t9nWNqdjwleYeaIa8NvehzVZfV40XOv9
content-encoding
br
via
1.1 varnish
date
Wed, 24 May 2023 11:39:02 GMT
x-amz-request-id
7BMES9WS726QGS9D
age
7964
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162878
x-amz-id-2
yfmWVMdq6DoU6l1wEyKUsi1zdEVe+MpoJr2JAd1Uf074MonQrzUxtxHMH1LBbrt7c4vkz6Fib28=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Wed, 24 May 2023 09:26:19 GMT
server
AmazonS3-br
x-timer
S1684928343.746534,VS0,VE0
etag
"8207c55f07b51b46234d18f87fca31ce"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
23990
iframe
sync.teads.tv/ Frame FB80 		153 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=141044&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=139b6628-da6d-4243-acbe-afd4541da678&vid=08cbff2c-8c6a-4726-8909-e44adcfc6732&1684806466100
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:03 GMT
expires
Wed, 24 May 2023 11:39:03 GMT
pragma
no-cache
server
akka-http/10.2.10
container.html
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:02 GMT
expires
Thu, 23 May 2024 11:39:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 8773 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=fdr.com.br
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:02 GMT
server
Kestrel
server-processing-duration-in-ticks
443370
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sdk.js
connect.facebook.net/pt_BR/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=aac7d8c25c2bc6cd81c9dd8b743cb9f9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
632575ce3db0542e746998458f980c958f960302ab70b43879eb3a184984bc18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 11:39:02 GMT
content-md5
4jc1imD7gWaSw88x0/UXvw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88665
x-fb-rlafr
0
x-fb-debug
y5GJ4MjH6UUm4EziysUQbub6SDmK6f7mtloeKQJijLzlDqqd3AzJ+zEgJREREV0lhLyvn5wHkUEWUcEDrXUsOg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
f4e7d2ee67343cf6060183ecaec61578
cross-origin-opener-policy
same-origin-allow-popups
etag
"3026eaed141cf976d03f5cf796a36993"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 23 May 2024 10:36:23 GMT
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=713924905&t=pageview&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1033735690&gjid=352806148&cid=611117631.1684928343&tid=UA-54936151-1&_gid=444436593.1684928343&_r=1&_slc=1&cd1=economia&cd2=&cd3=fdr&cd5=economia&cd4=contenido_digital&cd9=alianza&z=2113580129
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Zn8hhYykvI5q_kGEAoXipXbW2wefRjOlmWWNv7XBj6e0Xc49OJ3oYA==
iur9eawsgspdvggwf817.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1681412104/ 		261 KB
262 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1681412104/iur9eawsgspdvggwf817.mp4
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b814bf19e372e4b3485f1544dfd5382a33e48e4a91c0f182c85e8fef4ad6ecd

Request headers

Referer
https://vip-iugu.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
7yVUKbmK10aO3IwllUBCfssiOq9OcOv6
date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 varnish
x-amz-request-id
QNKM1KR7YJ3FCYB9
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
Content-Range
bytes 0-267351/267352
x-amz-replication-status
COMPLETED
Content-Length
267352
x-amz-id-2
Y7yOVpPlqhekTwEDEhDj9PMAcS3ouCtYYtT9oyJxO/W7oDNgc4O08zwSIkjCFHlm49Fo4OIHeQY=
x-served-by
cache-lcy-eglc8600041-LCY
last-modified
Thu, 13 Apr 2023 18:55:12 GMT
server
AmazonS3
x-timer
S1684928343.994869,VS0,VE336
etag
"69acb3b4a29ecc6b469b32a847442d18"
content-type
video/mp4;codecs=avc1
abp
1
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
iu3
s.amazon-adsystem.com/ Frame 88D5
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt&dcc=t
65 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt&dcc=t
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
65
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 24 May 2023 11:39:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BWTRG4QSADWXPMPB3THC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 24 May 2023 11:39:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_ym_smrt&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FS7JAMXT0QBZBWYRSPQ0
pd
google-bidout-d.openx.net/w/1.0/ Frame EF50
Redirect Chain
  • https://google-bidout-d.openx.net/w/1.0/pd?plm=5
  • https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
520 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c903ea8907d3f1da969555bb69e6d5beebc6b5e65c3a40dfb4831c179d018854

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
328
content-type
text/html
date
Wed, 24 May 2023 11:39:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 24 May 2023 11:39:03 GMT
location
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
st
imprlatbmp.taboola.com/ Frame CCA7 		0
126 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprlatbmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xbACLAYETyxAcLrmFxAInliA4HTNLygAAABgYID-AAktBrvRxjlYqxYzw1o0cozcws1q5JY4FyPLbrVweXwjIyChxWA32jgHa9ViZliLRo6RW7hZjdwS52Jk2a0WLo9vZAUkxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQUX3md4gDE2nw-e618tMlrvG77ZLLH_JYLLZC0Z7yWyv-rwelqff85a8zA7Tw-0WOW1Oj-tscphcbpXbrXl4HJa3yGk3upyWv1vk8pwebo3fbnq4RU6f0_Qw--UAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgA4OCfPwGwQP19nvDwAAAAAgAAAAAEgAGEw-lwAgeZg48f________8fY4A-80bG_____42EHgAPPgAehAAAAAAN6eXb_RRcVpAlQjBchBEAAACA4FtskCOTdIKKRZX___9-KwBXAAACEI2U5Mqy6A5KvIUBAAAgENORBUJPu3SCOmaBHha_3-ywa_xul_n_________N_N_5h9NMG8UexphnUxNNb-AAABrfgEBANioGwCANwFwQs4Fmk6Hz3Wv1_1-d53f7zO77Bq_2y86BK0YDFYnIGYHAAAA4M7___8_no4sEHrapRNUPSA0Wg4Xlt1qMpjMRi7jbDQamWwmy26zWTmMI5fDe9ZUCwlOVbjx-5gIy-z3HRSU09NjdhlERdfbYnc4zZ6Diu4zHcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIxWaAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RzPgWpuXCt3CrDAvbWrQY2dwSk8Oy1qxmtoVlORuZVra16PUxXWyryWI13CLBALG9SJ4W6URinC0mxpnD45y4fBuLabSaWUwrm2fjG25mHtNqIpZoThbpRHbZl0bL4cKyW00Gk9nIZZyNRiOTzWTZbTYrh3Hkcvg7voVpufAt3CrDwrYWLUY2t8TksKw1q5ltYVnORqaVbS16fUwX22qyWA33jdlwNBzMRrPRvjEbjoaD2Wg22ncYvEfZdnbz2CTO4-JlsTkNCpfB5h2pV4tjQXLwnDxHp87hURZ0Rr_f7_f7_X6_3-83aD0Hs0Hh-02HVr-2o_2WE7uD2KBQxBLBRTrRWZ4mt9PkdLhlJstFLFGaLtKJXjKYbPaC0V4y26s-r4fl6fe8JS-zw_Rwu0VOm9PjOpscJpdb5XZrHh6H5S1y2o0up-XvFrk8p4db47ebHm6R0-c0PcwWsURwukgnopfxdFH_kUMsN3PFcDOXLGZzzWSVAAAAAAAAAAAswSTTTQAAAACcDGizGKxW63Qgm9lmsVotF8AEj6Wun2GbbrPYK-Zd4U0BxHSF2JLFGnus4SxPk9tpcjrcMpPlygAg7IKYbfYZQazValkDAAAYwAYAABDATTfeBKZQcf_____jAAAAyMihBwAAQL8PSAlm9FqhJ45fQQyGw8n-AagQa7Va3W6s1WoB!&cmcv=&pix=undefined&cb=1684806467053&uv=131781256&tms=1684806467053&abt=nonrv_vA!ntvc_vB!smbs!tbt_unit!ufm_vE&ru=https://www.google.com/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=41074c90-51f0-4d1d-835d-b91d275aec7d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 24 May 2023 11:39:03 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy-eglc8600041-LCY
x-timer
S1684928343.024995,VS0,VE142
sync
la-match.taboola.com/ Frame AC35 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://la-match.taboola.com/sync?dast=V8xbACLAYETyxAcLrmFxAInliA4HTNLygAAABgYID-AAktBrvRxjlYqxYzw1o0cozcws1q5JY4FyPLbrVweXwjIyChxWA32jgHa9ViZliLRo6RW7hZjdwS52Jk2a0WLo9vZAUkxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQUX3md4gDE2nw-e618tMlrvG77ZLLH_JYLLZC0Z7yWyv-rwelqff85a8zA7Tw-0WOW1Oj-tscphcbpXbrXl4HJa3yGk3upyWv1vk8pwebo3fbnq4RU6f0_Qw--UAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgA4OCfPwGwQP19nvDwAAAAAgAAAAAEgAGEw-lwAgeZg48f________8fY4A-80bG_____42EHgAPPgAehAAAAAAN6eXb_RRcVpAlQjBchBEAAACA4FtskCOTdIKKRZX___9-KwBXAAACEI2U5Mqy6A5KvIUBAAAgENORBUJPu3SCOmaBHha_3-ywa_xul_n_________N_N_5h9NMG8UexphnUxNNb-AAABrfgEBANioGwCANwFwQs4Fmk6Hz3Wv1_1-d53f7zO77Bq_2y86BK0YDFYnIGYHAAAA4M7___8_no4sEHrapRNUPSA0Wg4Xlt1qMpjMRi7jbDQamWwmy26zWTmMI5fDe9ZUCwlOVbjx-5gIy-z3HRSU09NjdhlERdfbYnc4zZ6Diu4zHcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIxWaAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RzPgWpuXCt3CrDAvbWrQY2dwSk8Oy1qxmtoVlORuZVra16PUxXWyryWI13CLBALG9SJ4W6URinC0mxpnD45y4fBuLabSaWUwrm2fjG25mHtNqIpZoThbpRHbZl0bL4cKyW00Gk9nIZZyNRiOTzWTZbTYrh3Hkcvg7voVpufAt3CrDwrYWLUY2t8TksKw1q5ltYVnORqaVbS16fUwX22qyWA33jdlwNBzMRrPRvjEbjoaD2Wg22ncYvEfZdnbz2CTO4-JlsTkNCpfB5h2pV4tjQXLwnDxHp87hURZ0Rr_f7_f7_X6_3-83aD0Hs0Hh-02HVr-2o_2WE7uD2KBQxBLBRTrRWZ4mt9PkdLhlJstFLFGaLtKJXjKYbPaC0V4y26s-r4fl6fe8JS-zw_Rwu0VOm9PjOpscJpdb5XZrHh6H5S1y2o0up-XvFrk8p4db47ebHm6R0-c0PcwWsURwukgnopfxdFH_kUMsN3PFcDOXLGZzzWSVAAAAAAAAAAAswSTTTQAAAACcDGizGKxW63Qgm9lmsVotF8AEj6Wun2GbbrPYK-Zd4U0BxHSF2JLFGnus4SxPk9tpcjrcMpPlygAg7IKYbfYZQazValkDAAAYwAYAABDATTfeBKZQcf_____jAAAAyMihBwAAQL8PSAlm9FqhJ45fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
af0b4cde1bc791fa168bb2bbafee92f6b3730ed5b008514ee52d25a684efef80

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 24 May 2023 11:39:03 GMT
machineid
3202
server
nginx
fpc
at.teads.tv/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://vip-iugu.com
Pragma
no-cache
Date
Wed, 24 May 2023 11:39:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 24 May 2023 11:39:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame F346 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8538744060850645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
45870
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 22:54:33 GMT
etag
15057649708203361565
expires
Tue, 06 Jun 2023 22:54:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=624959032072979&ev=fb_page_view&dl=https%3A%2F%2Fvip-iugu.com%2F&rl=&if=false&ts=1684928343158&sw=1600&sh=1200&at=
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 May 2023 11:39:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sync
la-match.taboola.com/ Frame 6C40 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://la-match.taboola.com/sync?dast=V8xbACLAYETyxAcLrmFxAInliA4HTNLygAAABgYID-AAktBrvRxjlYqxYzw1o0cozcws1q5JY4FyPLbrVweXwjIyChxWA32jgHa9ViZliLRo6RW7hZjdwS52Jk2a0WLo9vZAUkxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQUX3md4gDE2nw-e618tMlrvG77ZLLH_JYLLZC0Z7yWyv-rwelqff85a8zA7Tw-0WOW1Oj-tscphcbpXbrXl4HJa3yGk3upyWv1vk8pwebo3fbnq4RU6f0_Qw--UAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgA4OCfPwGwQP19nvDwAAAAAgAAAAAEgAGEw-lwAgeZg48f________8fY4A-80bG_____42EHgAPPgAehAAAAAAN6eXb_RRcVpAlQjBchBEAAACA4FtskCOTdIKKRZX___9-KwBXAAACEI2U5Mqy6A5KvIUBAAAgENORBUJPu3SCOmaBHha_3-ywa_xul_n_________N_N_5h9NMG8UexphnUxNNb-AAABrfgEBANioGwCANwFwQs4Fmk6Hz3Wv1_1-d53f7zO77Bq_2y86BK0YDFYnIGYHAAAA4M7___8_no4sEHrapRNUPSA0Wg4Xlt1qMpjMRi7jbDQamWwmy26zWTmMI5fDe9ZUCwlOVbjx-5gIy-z3HRSU09NjdhlERdfbYnc4zZ6Diu4zHcQHDcNyMgjmZ8IWo9VkslkOZ8vFZDAcDUej_RmIxWaAJmKwXE4mi8luNVqNNsPdaDZYIIEYTBBFiwaT1Wg0WUyGq9FkNVsudrsNomjVajbaDIar2WS2262Gg-FyNEITthitJpPNcjhbLiaD4Wg4Gg0RzPgWpuXCt3CrDAvbWrQY2dwSk8Oy1qxmtoVlORuZVra16PUxXWyryWI13CLBALG9SJ4W6URinC0mxpnD45y4fBuLabSaWUwrm2fjG25mHtNqIpZoThbpRHbZl0bL4cKyW00Gk9nIZZyNRiOTzWTZbTYrh3Hkcvg7voVpufAt3CrDwrYWLUY2t8TksKw1q5ltYVnORqaVbS16fUwX22qyWA33jdlwNBzMRrPRvjEbjoaD2Wg22ncYvEfZdnbz2CTO4-JlsTkNCpfB5h2pV4tjQXLwnDxHp87hURZ0Rr_f7_f7_X6_3-83aD0Hs0Hh-02HVr-2o_2WE7uD2KBQxBLBRTrRWZ4mt9PkdLhlJstFLFGaLtKJXjKYbPaC0V4y26s-r4fl6fe8JS-zw_Rwu0VOm9PjOpscJpdb5XZrHh6H5S1y2o0up-XvFrk8p4db47ebHm6R0-c0PcwWsURwukgnopfxdFH_kUMsN3PFcDOXLGZzzWSVAAAAAAAAAAAswSTTTQAAAACcDGizGKxW63Qgm9lmsVotF8AEj6Wun2GbbrPYK-Zd4U0BxHSF2JLFGnus4SxPk9tpcjrcMpPlygAg7IKYbfYZQazValkDAAAYwAYAABDATTfeBKZQcf_____jAAAAyMihBwAAQL8PSAlm9FqhJ45fQQyGw8n-AagQa7Va3W6s1WoB!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
af0b4cde1bc791fa168bb2bbafee92f6b3730ed5b008514ee52d25a684efef80

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 24 May 2023 11:39:03 GMT
machineid
3203
server
nginx
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame 0F0A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
45870
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 22:54:33 GMT
etag
15057649708203361565
expires
Tue, 06 Jun 2023 22:54:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A272 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:02 GMT
expires
Thu, 23 May 2024 11:39:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3003 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:03 GMT
ETag
"623de86a-cf34"
Expires
Thu, 25 May 2023 11:39:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3DFF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:03 GMT
ETag
"623de86a-cf34"
Expires
Thu, 25 May 2023 11:39:05 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame F035 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 May 2024 11:04:38 GMT
recaptcha__pt_br.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame F035 		410 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__pt_br.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cae4aa55cc31f90e6cfa65cbed6cccbe0a0f78af9d863b3fb48372e5623c5a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 17:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167750
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 17:06:16 GMT
sd
us-u.openx.net/w/1.0/ Frame EF50
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=-y9B96ssQqTgIhPwqyta8PwuQvLgfUfy_S7O4JRz
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=-y9B96ssQqTgIhPwqyta8PwuQvLgfUfy_S7O4JRz
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=-y9B96ssQqTgIhPwqyta8PwuQvLgfUfy_S7O4JRz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EF50
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4354139647387671599
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4354139647387671599
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4354139647387671599
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame EF50 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=cc34138e-48ca-314d-724f-e2e51ffaad81&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EF50 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTA1YmMwNDQtODFiZC02ZmU5LTY3YWYtYjg1Y2Q1MTg2M2Ux
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EF50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzRiT411C1gAYNFO9JagJE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzRiT411C1gAYNFO9JagJE&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHzRiT411C1gAYNFO9JagJE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checksync.php
contextual.media.net/ Frame 33FA 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4c6765f6264cccefbd5d6089c902c2560fcc952f1c400c5ff1a18ab81a88c250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12034
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:03 GMT
expires
Fri, 26 May 2023 11:39:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame 14BF 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:03 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame E836 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:03 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
checksync.php
contextual.media.net/ Frame 0986 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e2ad06743bab68c11b9b1dfbde822baf4c07adfaf3c94641399cf8bb8d0ddbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12034
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:03 GMT
expires
Fri, 26 May 2023 11:39:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 64A4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 May 2023 11:39:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8773
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=fdr.com.br&sn=ChromeSyncframe&so=0&topUrl=fdr.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=xJ4RLHxqTXp3QmJra1VkL2ZwenZqS0U3bWoyZFdaK3htcjFoMWRZRVNTMW9aTkFWZDdDaHh4MStuWEJnZjVXMGFxcGc2bG1GTXNjY1NpZVhJUjlmNXRCeGs2K0RmcE4wQU1xWUl0b3grSlhsMDVoZHZSTHF5QnExd0ZDMG...
430 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xJ4RLHxqTXp3QmJra1VkL2ZwenZqS0U3bWoyZFdaK3htcjFoMWRZRVNTMW9aTkFWZDdDaHh4MStuWEJnZjVXMGFxcGc2bG1GTXNjY1NpZVhJUjlmNXRCeGs2K0RmcE4wQU1xWUl0b3grSlhsMDVoZHZSTHF5QnExd0ZDMGF6RHNzSTg1dk9VMDFCQzMrOXU1NFVCNW92Y3cxc2NJOHYwOTFzU1d0cFJoTFJPTFNxcGV6NFMzUENObzlyengwTG1JVmR6RnBYMzV2eGJ4anNrSnV0RS9WZlJIa3JhOHV1S2N6RWZRSU4xWVN0WmtubTFneUk3S05URkR4andzNmJYekFGZFBVdm1SbGU1WFZobEkrTG9XTG9ockR0UT09fA&cppv=2
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d91ee0960b7dfb1d84d8e47cdecea1738cec398e1f6d88a5dbdc27bb92b3014e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1643846
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=xJ4RLHxqTXp3QmJra1VkL2ZwenZqS0U3bWoyZFdaK3htcjFoMWRZRVNTMW9aTkFWZDdDaHh4MStuWEJnZjVXMGFxcGc2bG1GTXNjY1NpZVhJUjlmNXRCeGs2K0RmcE4wQU1xWUl0b3grSlhsMDVoZHZSTHF5QnExd0ZDMGF6RHNzSTg1dk9VMDFCQzMrOXU1NFVCNW92Y3cxc2NJOHYwOTFzU1d0cFJoTFJPTFNxcGV6NFMzUENObzlyengwTG1JVmR6RnBYMzV2eGJ4anNrSnV0RS9WZlJIa3JhOHV1S2N6RWZRSU4xWVN0WmtubTFneUk3S05URkR4andzNmJYekFGZFBVdm1SbGU1WFZobEkrTG9XTG9ockR0UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
373278
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-54936151-1&cid=611117631.1684928343&jid=1033735690&gjid=352806148&_gid=444436593.1684928343&_u=IEBAAEAAAAAAACAAI~&z=1161912027
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 May 2023 11:39:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sac...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sa...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9=
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
6P8Yftph-mIq5YmlMSMDTcS-YM9P7Uf2eCvlSqJWQtmenkpmzbwRGw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3000033&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9=
content-length
0
x-amz-cf-id
o0ldxA7-NVzO-I4RE6s4Tbl9X9rkYJGa7k67yF2BQ5WLD1_VObQZHA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20e...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9=
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
oXjQTaExh-VaXEQG9GrJG5bbtqWy9Pvv-HUukrkyah1o5DOPJjtsHQ==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/b2?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684928343493&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fvip-iugu.com%2F&c8=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&c9=
content-length
0
x-amz-cf-id
rh0UVZH5jCNgJn6ndL8N3fSlt7NWgWHpJob0BfmjCm4RHUMmwKDuVA==
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 		412 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadaf6609fc4046610fdecfa5c85ac73994&render=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67a768fc96c11fc71c968fe2117cb2b00669b04f82fbd746afc266db1dbfefd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 17:06:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168307
x-xss-protection
0
last-modified
Mon, 15 May 2023 04:00:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 17:06:11 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fvip-iugu.com&pubid=10f6badb-0fd7-4f81-ab20-6a4f16559607
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:02 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://vip-iugu.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
YkB-Iz6prWD_vnZDWDbhfdANDNyzaWbxEbhqRwyC-2KpHOmD4FZAmg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvip-iugu.com%2F&pid=XBfibIAVFHMVT&cb=0&ws=1600x1200&v=23.517.1921&t=3000&slots=%5B%7B%22sd%22%3A%22Position_Top%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22002220734%2Ffdr.com.br%2FTop_Desktop_Mobile%22%7D%2C%7B%22sd%22%3A%22Position_Content1%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22002220734%2Ffdr.com.br%2FContent1_Desktop_Mobile%22%7D%2C%7B%22sd%22%3A%22Position_Fix%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F22002220734%2Ffdr.com.br%2FFix_Desktop_Mobile%22%7D%5D&pubid=10f6badb-0fd7-4f81-ab20-6a4f16559607&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
D92H884VV03SZTQQP4VW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
pjWWHav6JTxTkdBzZNdtwCDqUmRnY7nAfeqsVnTDTWApTwNGPdJZ_w==
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vip-iugu.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
increment
id5-sync.com/api/esp/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vip-iugu.com
date
Wed, 24 May 2023 11:39:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
42eb48f247ae24133002077b73234a67b026b1dc701ab25c1beb601442f7a9d0

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
e3978f7a29c61a1b8ce10d996a64ef4a
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
esp
oajs.openx.net/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3887249608877984&correlator=264526336034456&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=22002220734%2Cfdr.com.br%2Cweb_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=660764297&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26indash_trackable%3D9a745eaa07b81236c4f486e5cd37f511b2b2b063%26fdr_id%3D229253%26_fdr_id%3D229253%26tipo_pagina%3Dpost%26categorias%3Dbancos%252Cfinancas%26tipo_post%3Dpost%26utm_source%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1684928343543&lmt=1684806486&dlt=1684928342044&idt=760&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&url=https%3A%2F%2Fvip-iugu.com%2F&frm=20&vis=1&psz=1600x4808&msz=1600x-1&fws=640&ohw=0&ga_vid=611117631.1684928343&ga_sid=1684928344&ga_hid=713924905&ga_fc=true&a3p=EhkKCnB1YmNpZC5vcmcY7du47IQxSABSAghkEhcKCHJ0YmhvdXNlGO3buOyEMUgAUgIIZBIUCgVvcGVueBjt27jshDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO3buOyEMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f02c81fc05bdee4b86b056fa779c5308b200d7cba62e445c2b2f677d9e74cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16725
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F47 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:03 GMT
expires
Thu, 23 May 2024 11:39:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
feedback.php
www.facebook.com/plugins/ Frame 3C08
Redirect Chain
  • https://www.facebook.com/v12.0/plugins/comments.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3...
  • https://www.facebook.com/plugins/comments.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-i...
  • https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-i...
135 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8790111d33a00999347228816e9e9eb52e087adc4d34b3c127c2757571a50b20
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Wed, 24 May 2023 11:39:04 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
uvbdfCXE/Ejwon6dzNCc/IMtAPQSelhisIUsrX0Sd2Ubp9HwrTRmE7qeauYx2jg17efgKjhj4m2xUYkMt1FP3A==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 May 2023 11:39:03 GMT
location
https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
origin-agent-cluster
?0
priority
u=0,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
INoxs7qYQtbcyyxGT9fgXssRlcse3wZrfTS99SJZnqyPVc+4C3tCLC0r+NHbsTMgQ3sGICL/E4+NIdvBCVLtbw==
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 24 May 2023 11:39:03 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
1a5aff0bc18cbc84d9fa8b1de4c8d6f0
analytics.html
www.gstatic.com/readaloud/player/web/api/analytics/ Frame 6216 		1001 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/readaloud/player/web/api/analytics/analytics.html?url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&trackingIds=G-RQL80RY6XN%2CG-RZ8ETGC2K4&tracking=false&sourceUrl=https%3A%2F%2Fvip-iugu.com%2F&sourceReferrerUrl=&origin=https%3A%2F%2Fvip-iugu.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/readaloud/player/web/api/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
085e0aeecfd75dbf38fec08fdc45ce736d468d3d74ff7d7a2f013e74c8ebb526
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-Opw2ul_SbQlVMHXnG7J8hw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/speakr; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
542
content-security-policy
script-src 'nonce-Opw2ul_SbQlVMHXnG7J8hw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/speakr; base-uri 'none'
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="speakr"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f170e41fd143aba25a29a7f83762ca400d552d00ec7657c4fb0f2c7f31ef3e7

Request headers

Referer
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
GenerateAudioDocStream
readaloud.googleapis.com/$rpc/google.search.readaloud.v1.ReadAloudService/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://readaloud.googleapis.com/$rpc/google.search.readaloud.v1.ReadAloudService/GenerateAudioDocStream
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-accept-content-transfer-encoding,x-goog-api-key,x-goog-authuser,x-goog-fieldmask,x-user-agent
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-accept-content-transfer-encoding,x-goog-api-key,x-goog-authuser,x-goog-fieldmask,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 May 2023 11:39:03 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateAudioDocStream
readaloud.googleapis.com/$rpc/google.search.readaloud.v1.ReadAloudService/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://readaloud.googleapis.com/$rpc/google.search.readaloud.v1.ReadAloudService/GenerateAudioDocStream
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/readaloud/player/web/api/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
263b7334913a79ec50c64e8bce9cdf46ced825cb9716469be84aa643e42e887d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
accept-language
fr-FR,fr;q=0.9
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-protobuf
X-Goog-FieldMask
metadata,text,image
Referer
https://vip-iugu.com/
X-Goog-Api-Key
AIzaSyCbM_nNiwy_J5mcH0PMO4V6IbU9kHoSuhc
X-Goog-AuthUser
X-Accept-Content-Transfer-Encoding
base64

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/x-protobuf
access-control-allow-origin
https://vip-iugu.com
access-control-expose-headers
content-transfer-encoding,content-disposition,vary,vary,vary,content-encoding,transfer-encoding,date,server
cache-control
private
content-transfer-encoding
base64
content-disposition
attachment
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
truncated
/ 		639 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02879cae62ad89aabb9030bdeec952a3004c2bcb6453d21bfd50c6c4743f5080

Request headers

Referer
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2b1a7f14cb9db010e10b9e983aab0c2e619a529ea7f29d8a310a032c8ef5e54

Request headers

Referer
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=9ea844fd-71da-44a6-8cca-2cad57e67350&pageId=128515&pid=141044&debug_metadata=F2boiF81o0&fv=1191&ts=1684928344237&f=1&referer=https%3A%2F%2Fvip-iugu.com%2F
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=9ea844fd-71da-44a6-8cca-2cad57e67350&pageId=128515&pid=141044&slot=polymorph&fv=1191&ts=1684928344248&f=1&referer=https%3A%2F%2Fvip-iugu.com%2F
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11458372-19&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3Y9B77KYR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
463b04c17e4614f510ff963a0cfd18cb58a101d1f77c2c02592f832ade0c9e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46707
x-xss-protection
0
last-modified
Wed, 24 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 May 2023 11:39:04 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z3Y9B77KYR&gtm=45je35m0&_p=713924905&cid=611117631.1684928343&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684928344&sct=1&seg=0&dl=https%3A%2F%2Fvip-iugu.com%2F&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3Y9B77KYR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
top10
recomendador.gridmidia.com/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recomendador.gridmidia.com/top10?site=1&count=5
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.23
Resource Hash
88934d1ff27ef5525de46eb1870dc14f06975d376d4d2a190aed17389df9cda8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.23
vary
negotiate,Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUxJvAwJPbY4hNetZSmSxKoEBen%2FZeV2AdeQXxanADxDSM0DI3FOnt4yS8Dx32NBrWqfMhSzw5qiCZ8ONh23RmnDzXMGHkmGDj1X71oBYDh696eQrnmJHR0m0PeJ8NwbZugM0Kkpw3ZWyO4wOQ5bwZTTkbtyKqtjBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
tcn
choice
content-location
top10.php
cf-ray
7cc541884babf19a-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-generated-timestamp
2023-05-24T08:39:04-03:00
sync
gum.criteo.com/ 		73 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8a66090e7b66a7a8eaf5a9c3b6f8651bfca9c383d360478e1e6e343768f9cdeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1449649
expires
60
ga-audiences
www.google.com/ads/ 		42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-54936151-1&cid=611117631.1684928343&jid=1033735690&_u=IEBAAEAAAAAAACAAI~&z=1844683643
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-54936151-1&cid=611117631.1684928343&jid=1033735690&_u=IEBAAEAAAAAAACAAI~&z=1844683643
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 6216 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/readaloud/player/web/api/analytics/analytics.html?url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&trackingIds=G-RQL80RY6XN%2CG-RZ8ETGC2K4&tracking=false&sourceUrl=https%3A%2F%2Fvip-iugu.com%2F&sourceReferrerUrl=&origin=https%3A%2F%2Fvip-iugu.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c694bd0439894dfe6f938712b12e5afeb056d88c4bc1ba4f4db870b37f14090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40385
x-xss-protection
0
last-modified
Wed, 24 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 May 2023 11:39:04 GMT
analytics_api.js
www.gstatic.com/readaloud/player/web/api/analytics/ Frame 6216 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/readaloud/player/web/api/analytics/analytics_api.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/readaloud/player/web/api/analytics/analytics.html?url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&trackingIds=G-RQL80RY6XN%2CG-RZ8ETGC2K4&tracking=false&sourceUrl=https%3A%2F%2Fvip-iugu.com%2F&sourceReferrerUrl=&origin=https%3A%2F%2Fvip-iugu.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8638fbcbdae30900f80c7cbe40bfc8525ab0694ce08a6d83d68a563f5f3b64b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/readaloud/player/web/api/analytics/analytics.html?url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&trackingIds=G-RQL80RY6XN%2CG-RZ8ETGC2K4&tracking=false&sourceUrl=https%3A%2F%2Fvip-iugu.com%2F&sourceReferrerUrl=&origin=https%3A%2F%2Fvip-iugu.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:22:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15348
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 08:21:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="speakr"
vary
Accept-Encoding
report-to
{"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 24 May 2023 12:12:46 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame E836 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2023 11:27:04 GMT
Server
AkamaiNetStorage
ETag
"d04509d397c3e2fc66494d97f7722854:1678364030.711077"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3028
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame E836 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 13:39:11 GMT
Server
AkamaiNetStorage
ETag
"8b1cb5067890ebc3c725e1d21c5413c1:1684245101.114224"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame E836 		160 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
459b41151269206dd67798b6b80a5667423115399fce0a9a16aa44184cd2f49d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 13:39:11 GMT
Server
AkamaiNetStorage
ETag
"4a853571c4d2c55de246f7f6ccd8c493:1684245102.224778"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 14BF 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2023 11:27:04 GMT
Server
AkamaiNetStorage
ETag
"d04509d397c3e2fc66494d97f7722854:1678364030.711077"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3028
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 14BF 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 13:39:11 GMT
Server
AkamaiNetStorage
ETag
"8b1cb5067890ebc3c725e1d21c5413c1:1684245101.114224"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 14BF 		160 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
459b41151269206dd67798b6b80a5667423115399fce0a9a16aa44184cd2f49d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 13:39:11 GMT
Server
AkamaiNetStorage
ETag
"4a853571c4d2c55de246f7f6ccd8c493:1684245102.224778"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
usync.js
eus.rubiconproject.com/ Frame 64A4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8eaf9c2f092d7e9365f8831602f55078069433c673bc3a4d0c7281702101f063

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 21:16:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34641
Connection
keep-alive
Content-Length
10085
Expires
Wed, 24 May 2023 21:16:25 GMT
prebid
ib.adnxs.com/ut/v3/ 		357 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3a97e5ba549115e58b809f5e67eba208a2f09c385e53f0f3ce1c1b9dd3953e5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:04 GMT
AN-X-Request-Uuid
62d8cbe9-b8b1-4c5c-aa26-51667cb5b6be
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vip-iugu.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
357
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e749404a407ecf6f327a91e6582e330727b9c1930d62365ef5c3491cf9c9a33e

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:03 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		909 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b8c5d11acb77a376f85d937c5af6012bfd525a295bf707ac91c8217b623701e8

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
149eae83ae540e86a8dc3c86ccc1c930d262d0acd34f1632be599f3a4ffa6eed

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		458 B
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24472&site_id=420952&zone_id=2387096&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.page=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.domain=fdr.com.br&tg_i.pbadslot=%2F22002220734%2Ffdr.com.br%2FTop_Desktop_Mobile&tk_flint=pbjs_lite_v7.22.0&x_source.tid=1b663982-800a-41bc-9690-2002b914eecb&l_pb_bid_id=10b2dbcd10f50aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22002220734%2Ffdr.com.br%2FTop_Desktop_Mobile&slots=1&rand=0.8116787641176333
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1df4ef080d9c211b26dd2b0bb1229fcce3992e753ba76a101586b74610e50085

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vip-iugu.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
458
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		463 B
1013 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24472&site_id=420952&zone_id=2387096&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.page=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.domain=fdr.com.br&tg_i.pbadslot=%2F22002220734%2Ffdr.com.br%2FContent1_Desktop_Mobile&tk_flint=pbjs_lite_v7.22.0&x_source.tid=2307cfe7-1009-450a-8b0a-cb96a848e5a9&l_pb_bid_id=11dd87c13057603&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22002220734%2Ffdr.com.br%2FContent1_Desktop_Mobile&slots=1&rand=0.053833725013638256
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5090b6dcd149cf54d641335e0274daebebbfc74399fd08b0cc7df14f091a2137

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vip-iugu.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
463
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24472&site_id=420952&zone_id=2387096&size_id=2&alt_size_ids=55%2C221&rf=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.page=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.domain=fdr.com.br&tg_i.pbadslot=%2F22002220734%2Ffdr.com.br%2FFix_Desktop_Mobile&tk_flint=pbjs_lite_v7.22.0&x_source.tid=c09790f9-19f4-482f-b9a1-2e2d0b1b7836&l_pb_bid_id=123ef158a35ac63&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22002220734%2Ffdr.com.br%2FFix_Desktop_Mobile&slots=1&rand=0.24070131760681335
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
46fd33ded5563823e40f6c595b4c61d47fbacb03f39b1a3726191bc117af5363

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vip-iugu.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU9MORS2
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa83595f0510c2944aca41314d4a6496a9ddc46f27805d2c9ac8296ba0307535

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 24 May 2023 11:39:04 GMT
prebid
ib.adnxs.com/ut/v3/ 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6339d0a9ed952697ceec234ac5ada09afeef2aab4ce26fff51a86b52fd5fd1ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:04 GMT
AN-X-Request-Uuid
7fc16c30-a061-4d09-995d-0f9a075cab12
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vip-iugu.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
361
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
f0afc9da05c2ed14d96856c87cdf788129164e1a6aa791ece607aaad969b0c5f

Request headers

Referer
https://vip-iugu.com/
x-openrtb-version
2.5
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vip-iugu.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
8bbfd66ec379fe7aae834f17a9d7c61b8697e4a41ae229a351ea30aead93178f

Request headers

Referer
https://vip-iugu.com/
x-openrtb-version
2.5
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vip-iugu.com
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
b64b21400a350483fafe562aff23a10210aac451e18aef7deccf2f867c689b38

Request headers

Referer
https://vip-iugu.com/
x-openrtb-version
2.5
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vip-iugu.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 24 May 2023 11:39:04 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 24 May 2023 11:39:04 GMT
server
ATS/9.1.10.57
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 24 May 2023 11:39:04 GMT
server
ATS/9.1.10.57
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=713924905&t=pageview&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=808167071&gjid=567268833&cid=611117631.1684928343&tid=UA-59848279-52&_gid=444436593.1684928343&_r=1&_slc=1&gtm=45He35m0n81MHKNJGH&cd0=vip-iugu.com&z=533744521
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHKNJGH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 10:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3810
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 24 May 2023 12:35:34 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=713924905&t=pageview&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1602152371&gjid=1249302103&cid=611117631.1684928343&tid=UA-11458372-19&_gid=444436593.1684928343&_r=1&gtm=457e35m0&jsscut=1&z=1235371560
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=713924905&t=event&ni=0&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vip-iugu.com&ea=vip-iugu.com&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-59848279-52&_gid=444436593.1684928343&gtm=45He35m0n81MHKNJGH&z=716915442
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40128
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=713924905&t=event&_s=2&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=indash_trackable&ea=9a745eaa07b81236c4f486e5cd37f511b2b2b063&el=9a745eaa07b81236c4f486e5cd37f511b2b2b063&ev=1&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-11458372-19&_gid=444436593.1684928343&gtm=457e35m0&jsscut=1&z=874096715
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40128
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ad
a.teads.tv/page/128515/ 		540 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/128515/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fvip-iugu.com%2F&auctid=9ea844fd-71da-44a6-8cca-2cad57e67350&formatVersion=1191&env=js-web&netBw=9.3&ttfb=234
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b49419f9d788b67ef6f7c077d911137a35c1f142bff247a4bef8ee1da0df348e

Request headers

Accept
application/json; charset=UTF-8
Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vip-iugu.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
364
expires
Wed, 24 May 2023 11:39:04 GMT
Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 3C08 		721 B
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PXgZwd+47LIQZAIO7K6FA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
393
x-fb-rlafr
0
x-fb-debug
HBjBnHjcAExRXSdbS8vb+dQ74i4EeyEAfvT5A34wHF6YyRYpr5r2Dab+OmWW8XOOhVyArHDZ15/sIl1fbDz4ow==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Thu, 09 May 2024 22:57:44 GMT
_qHCM0GC8i1.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ Frame 3C08 		122 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c75b0d6862aafea13a1ad7f4779ea4f47a058be8aed60c15cf32dacea3e3acd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tm6JBE8h8l6bBfgsWgb4iA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19947
x-fb-rlafr
0
x-fb-debug
ItJaBrwfv3JYD8gYXMu1UqhWn9X07QLZFXv5U8vzC0a0CjGGnDe2YvQCXFDCJTNxY+EFELyuqM0V7ZOSO2i+Qw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Thu, 09 May 2024 19:40:34 GMT
GMP2ayyN27S.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 3C08 		306 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/GMP2ayyN27S.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf3c408ef00e3ce08742140076ca523a9538ccbce07ef3b61ac19ca97d758ac5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ELTjDIJcYKW9N3EgP4Szqw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81696
x-fb-rlafr
0
x-fb-debug
PiyrJ36LvL11nl+NQygXDw/erjKS/xy/XkM39inwmAnBUpIT6DtPZZf1KxHatau7Bjro0BWcvAVArYuK2CFBxQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 18 May 2024 22:54:05 GMT
6tlcM-s2agM.js
static.xx.fbcdn.net/rsrc.php/v3i5VZ4/y2/l/pt_BR/ Frame 3C08 		150 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i5VZ4/y2/l/pt_BR/6tlcM-s2agM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
203df605582e48215f26055790c881dba618c2d4bb4539249cdd582e80098aae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OKRrNh6X3pwuTGyvT1HPlQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44047
x-fb-rlafr
0
x-fb-debug
uyVX0S5H7AwAZGOXWiuWu960UC+FK1BYEthAfn1AxujHHyKpfGl0LNmEsIIv46X69b0tzAj7tUpZYxGSH6yO0g==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), hid=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=()
timing-allow-origin
*
expires
Wed, 15 May 2024 20:43:30 GMT
xE7JzorAaf1.js
static.xx.fbcdn.net/rsrc.php/v3i_mc4/yD/l/pt_BR/ Frame 3C08 		1 MB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i_mc4/yD/l/pt_BR/xE7JzorAaf1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3120301325194853fcf3061e385b2366bbd34f1050ae709d0b8d25273a2cd010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9DNLgWN52YNkd0IuynF1WQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
283146
x-fb-rlafr
0
x-fb-debug
90TXvX6OC/0AwhsBbBz8YUkwqRZClaJ0MV755P+TVWCEwTvQQpEVSH23z/aLQjs09JZNAL49U/HM8ynmFW4jZQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 23 May 2024 01:27:49 GMT
zCrhGdiyUV6.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 3C08 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/zCrhGdiyUV6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04a6c8bef417b9a27f9319e3740ab8947e774de7dc8acce089e28071954636b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fNcaSNrYTrVbfiASojXPDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14184
x-fb-rlafr
0
x-fb-debug
iIGAzX5xm55ho7vzjUcts/E2X1kZMN3ZGd7l+oz19ZMUda/Wazf4FPi9eQrr+1Luz0gcLgCtyInSi/Lo/DDbmw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
expires
Thu, 09 May 2024 20:06:17 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 3C08 		507 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
KYRjvgdL7OzSb2sj/NgO5o64lihH3Mdkc4IxvzoZZTbIZMJCJmLvrkMUCK4AkHb/1MIYFHAdIro+fwH8b1N77Q==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), midi=(), screen-wake-lock=(), usb=()
timing-allow-origin
*
expires
Wed, 15 May 2024 19:53:43 GMT
lRow5ikYhwr.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 3C08 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/lRow5ikYhwr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6C415KRq9MkmtWnj/x6u5w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16036
x-fb-rlafr
0
x-fb-debug
hhnaLWPTeGd8fxhC9/vB1AGi/Khnu5hw8niGbeBFammOvPVq4HbucAPxYNYBwiNyqfpyUBNKUwextLr2ZBR4pQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=()
timing-allow-origin
*
expires
Fri, 10 May 2024 01:45:54 GMT
2l9FUzlQsL2.js
static.xx.fbcdn.net/rsrc.php/v3imvK4/yc/l/pt_BR/ Frame 3C08 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3imvK4/yc/l/pt_BR/2l9FUzlQsL2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f26d42c4e956b92a1a7d3fdb5816493911aed0e91067ed153e7004726e37a47d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+EsBpyqImqEr0hUFFrJpaw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13055
x-fb-rlafr
0
x-fb-debug
vhIKA4BvgNyIOLn1Z5NgaTx/+kYUX+12eGA13UpZrTt+YZrObyOgopbUumTLvgqCgI8LiTs39Rm/XClBP2m0PA==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 23 May 2024 01:27:49 GMT
bounce
ib.adnxs.com/ Frame 3DFF
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
AN-X-Request-Uuid
94b9f9b7-2b25-406f-be6b-d461520573d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:04 GMT
AN-X-Request-Uuid
c175d569-4c1c-4dbe-bd6d-57bca6b0d815
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 3003
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
AN-X-Request-Uuid
bbdf9a68-da1a-49fd-9d0f-059da5f23f41
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:04 GMT
AN-X-Request-Uuid
118b305a-66f1-4b2b-b540-c9887c4617a6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/speakr
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gstatic.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
speakr
csp.withgoogle.com/csp/ Frame 6216 		0
0
base.min.css
recomendador.gridmidia.com/assets/ Frame D92C 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recomendador.gridmidia.com/assets/base.min.css?v=20211008145159
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922979163c3ef926f18ce959653ef6553227e598491154980994c8e432dfc902

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Oct 2021 17:51:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11a4-5cddb092c8dc0-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWvAQqs545VmZpCAgfB%2FwSn52kBedwyYC8N8x380c5ixBrBRuXCExo61gZlFaiZrcihweM25P9EHbbPrKHAnm6C8aQ0xZQJAeNf8dOyzKjKSJnDa4X%2BPak8xoBv2OR6c3ycGOWqBO7NsYbg38vVDdErQFiN3eG6hdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7cc5418ab9413cb9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
top10.min.css
recomendador.gridmidia.com/assets/ Frame D92C 		1 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recomendador.gridmidia.com/assets/top10.min.css?v=20211012085403
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c19d5b1fb103e9e054bccec4fac5e8aeeead395558e29d81fdf5d16588c82fe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 11:54:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"511-5ce2680784cc0-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLhgREYsYN0e%2FOgK7yv%2BEB3aGsgp9SjgAyk0Rt%2FVtj4bfyxGODIZgRtSYFqwVLU7BulaFU6ybxc1FRDnmtLNF0%2F0JAB27Q4yKArCSl0v21EHfdzABVWmp9HbGjG49edwjQ54zQwpxu7KsyiZDCvoNNlI7R5CdHQZKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7cc5418ab9423cb9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D92C 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a415f9d6900febce6dd8d7aa5c1a97b441fc52daafd1d99bed368597366d138c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25212
x-xss-protection
0
server
cafe
etag
292 / 19501 / 31074816 / config-hash: 11214031862051598875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:04 GMT
js
www.googletagmanager.com/gtag/ Frame D92C 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-207012791-1
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e43c006f9d499a62af042430e79d3e207d99dd1008edd48f03f56ffadf0e442c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46677
x-xss-protection
0
last-modified
Wed, 24 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 May 2023 11:39:04 GMT
css2
fonts.googleapis.com/ Frame D92C 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Sora:wght@400&family=Source+Sans+Pro:wght@400;700&display=swap
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6964aaed97b698a98148949d7cab16c56e58df32b6f2ab40110e151b9baf8153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 May 2023 11:39:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 May 2023 11:39:04 GMT
app.min.js
recomendador.gridmidia.com/assets/ Frame D92C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recomendador.gridmidia.com/assets/app.min.js?v=20211012085511
Requested by
Host: recomendador.gridmidia.com
URL: https://recomendador.gridmidia.com/bootstrap?site=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d699557a560175a942aa8f251da48154a20c38e1c802d694d0f86b8645a672c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Oct 2021 11:55:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"741-5ce268485e5c0-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9a2DxfkOM8VvfD2usX6IrU1Da2%2B1hUaV8nIfIOkr%2BXq8p8ymYxdkzuu6DH%2F9eIA56lb7feQ2L2B4IBqzU7P5JpvTn26QiRyhUkuPSJoqNdGyi7wh55qfa7VsqgM8zhy8hoDsL398BZ5tcg%2BueVcnmXP28n9BTk0Pmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7cc5418ab9443cb9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
gum.criteo.com/ Frame 33FA 		60 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1288461
expires
60
usync.html
eus.rubiconproject.com/ Frame C515
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 May 2023 11:39:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 24 May 2023 11:39:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 568F
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Drkt%26refUrl%3D%26vid%3D492834490332792994307152160...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449033279299430715216000V10&ovsid=5109685627766473074
235 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449033279299430715216000V10&ovsid=5109685627766473074
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Wed, 24 May 2023 11:39:05 GMT
expires
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Wed, 24 May 2023 11:39:05 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449033279299430715216000V10&ovsid=5109685627766473074
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34C5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=152305
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 24 May 2023 11:39:05 GMT
expires
Fri, 26 May 2023 05:57:30 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
log
c21lg-d.media.net/ Frame 33FA 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3279299430715216000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 24 May 2023 11:39:05 GMT
us
sync.go.sonobi.com/ Frame 33FA 		0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=son&refUrl=&vid=49283449033279299430715216000V10&ovsid=[UID]
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-9
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame 33FA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449033279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449033279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449033279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
RX-41237731-dd67-4c5e-b42f-b728337a3392-003
sync.targeting.unrulymedia.com/csync/ Frame 33FA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449033279299430...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449033279...
  • https://ad.turn.com/r/cs?pid=45&rndcb=2599183618
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
213.19.147.45 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
cksync
cs.media.net/ Frame 33FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI3OTI5OTQzMDcxNTIxNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 33FA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
61 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1164621
content-length
0
expires
Wed, 24 May 2023 00:00:00 GMT
sync
x.bidswitch.net/ Frame 33FA 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.91.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-91-78.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 33FA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449033279299430715216000V10&ovsid=__ZU...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449033279299430715216000V10&ovsid=__ZUID__
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449033279299430715216000V10&ovsid=__ZUID__
Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
252
Content-Type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame 33FA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3279299430715216000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3279299430715216000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
Date
Wed, 24 May 2023 11:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 33FA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
log
c21lg-d.media.net/ Frame 0986 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3279299430715216000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 24 May 2023 11:39:05 GMT
sync
gum.criteo.com/ Frame 0986 		60 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1552839
expires
60
usync.html
eus.rubiconproject.com/ Frame D9A1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 May 2023 11:39:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 24 May 2023 11:39:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync
cs.media.net/ Frame 0986
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI3OTI5OTQzMDcxNTIxNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIRGveIo-SwHazLlouQfgLI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame A50A
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Drkt%26refUrl%3D%26vid%3D492834494132792994307152160...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449413279299430715216000V10&ovsid=5108559727906168966
235 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449413279299430715216000V10&ovsid=5108559727906168966
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Wed, 24 May 2023 11:39:05 GMT
expires
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Wed, 24 May 2023 11:39:05 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=rkt&refUrl=&vid=49283449413279299430715216000V10&ovsid=5108559727906168966
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame 0986
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
61 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=213484b6-5433-458f-ac1e-d932d269ee7f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1218861
content-length
0
expires
Wed, 24 May 2023 00:00:00 GMT
sync
x.bidswitch.net/ Frame 0986 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.91.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-91-78.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 0986
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3279299430715216000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3279299430715216000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
61 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=3f81006b-d13f-4282-a9d7-4f4258ee55c1&cs=1
Date
Wed, 24 May 2023 11:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 0986 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C08B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=152305
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 24 May 2023 11:39:05 GMT
expires
Fri, 26 May 2023 05:57:30 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us
sync.go.sonobi.com/ Frame 0986 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=son&refUrl=&vid=49283449413279299430715216000V10&ovsid=[UID]
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-156
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame 0986
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3279299430715216...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449413279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
235 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449413279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3279299430715216000V10&type=opx&refUrl=&vid=49283449413279299430715216000V10&ovsid=04187a11-e3ca-0bad-1100-9c8bad153f5d
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
RX-41237731-dd67-4c5e-b42f-b728337a3392-003
sync.targeting.unrulymedia.com/csync/ Frame 0986
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449413279299430...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%26refUrl%3D%26vid%3D49283449413279...
  • https://ad.turn.com/r/cs?pid=45&rndcb=7610471231
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
213.19.147.45 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
cksync.php
contextual.media.net/ Frame 0986
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449413279299430715216000V10&ovsid=__ZU...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449413279299430715216000V10&ovsid=__ZUID__
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:05 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283449413279299430715216000V10&ovsid=__ZUID__
Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
252
Content-Type
text/html; charset=utf-8
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
632f6cf84d1938fba2ceab56026cac2ed9a16f6fd2723088e73a535e363ea6da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
AN-X-Request-Uuid
81cf6aea-2f1c-492f-b508-66ed9204f37b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vip-iugu.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		811 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
397add1d26d215886969e9fadb5afbd0383bd5160d06f943e7948fcd3153c5cd

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		464 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24472&site_id=420952&zone_id=2387096&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.page=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&tg_i.domain=fdr.com.br&tg_i.pbadslot=%2F22002220734%2Ffdr.com.br%2FContent10_Desktop_Mobile&tk_flint=pbjs_lite_v7.22.0&x_source.tid=84ffe809-6435-4633-956f-62f72f9e6cdf&l_pb_bid_id=3143e866af70f94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22002220734%2Ffdr.com.br%2FContent10_Desktop_Mobile&slots=1&rand=0.7264870408225834
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84bf17459cf32b5962b6fb2f20f29a96ac5bb9b600abd544b6d0c05316d09b3c

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vip-iugu.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
464
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU9MORS2
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
124cb9322c99fdd5f2befeffb774b833b866f6490780f69308f94acd2405c718

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 24 May 2023 11:39:05 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7c450046da95dc5883b880794d94442b7cacbada3d307c6747df88294731cb6b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
AN-X-Request-Uuid
4f98d5fe-8734-4eff-b2f5-0f708fa423ef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vip-iugu.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
2ba1097b24ebdb5d1858329e77b0221c1f14869679a87fc20971f332b1318c86

Request headers

Referer
https://vip-iugu.com/
x-openrtb-version
2.5
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vip-iugu.com
access-control-allow-credentials
true
content-length
84
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fvip-iugu.com%2F&pid=XBfibIAVFHMVT&cb=1&ws=1600x1200&v=23.517.1921&t=3000&slots=%5B%7B%22sd%22%3A%22teads_place%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%7D%5D&pubid=10f6badb-0fd7-4f81-ab20-6a4f16559607&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
RMKQ57XA8EJ160701Z0Q
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
pzNIMJPp0uZnfxSBDtTvAMjlGFnMPOl9uhIdb4kkuKlw-Slp6rfPhQ==
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=9ea844fd-71da-44a6-8cca-2cad57e67350&pageId=128515&pid=141044&slot=polymorph&vid=00000000-0000-0000-0000-000000000001&fv=1191&ts=1684928345052&f=1&referer=https%3A%2F%2Fvip-iugu.com%2F
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
json
trc.taboola.com/unknown-site-on-gridmidia-network/trc/3/ 		31 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/unknown-site-on-gridmidia-network/trc/3/json?tim=11%3A39%3A05.098&lti=deflated&data=%7B%22id%22%3A57%2C%22ii%22%3A%22%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1684921960977%2C%22vi%22%3A1684928345096%2C%22cv%22%3A%2220230524-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fvip-iugu.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5038%2C%22nsid%22%3A%22gridmidia-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgridmidia-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Engt%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Engt%22%2C%22cd%22%3A4362.046875%2C%22mw%22%3A730%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2CBelow%20Article%20Thumbnails%20Engt%3Dalternating-thumbnails-a%3Apub%3Dgridmidia-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
23
date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-lcy-eglc8600041-LCY
server
nginx
x-timer
S1684928345.122026,VS0,VE23
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://vip-iugu.com
content-type
text/plain;charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vip-iugu.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-59848279-52&cid=611117631.1684928343&jid=808167071&gjid=567268833&_gid=444436593.1684928343&_u=aEDAAEABAAAAACAAI~&z=943140435
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 May 2023 11:39:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-11458372-19&cid=611117631.1684928343&jid=1602152371&gjid=1249302103&_gid=444436593.1684928343&_u=aEDAAUABAAAAACAAI~&z=1432893056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 24 May 2023 11:39:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F035 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:52:35 GMT
x-content-type-options
nosniff
age
305190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 27 May 2023 22:52:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F035 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 23:28:35 GMT
x-content-type-options
nosniff
age
303030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 23:28:35 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F035 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:47:45 GMT
x-content-type-options
nosniff
age
323480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 17:47:45 GMT
esp
oajs.openx.net/ 		0
0
syncframe
gum.criteo.com/ Frame 11B8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=vip-iugu.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:04 GMT
server
Kestrel
server-processing-duration-in-ticks
922367
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vip-iugu.com
date
Wed, 24 May 2023 11:39:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ 		221 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
42eb48f247ae24133002077b73234a67b026b1dc701ab25c1beb601442f7a9d0

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
db72a04c613af3f307e05957012be93e
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3887249608877984&correlator=3559621497983609&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=22002220734%2Cfdr.com.br%2CContent1_Desktop_Mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C300x250&fluid=height&ifi=2&adks=124596424&sfv=1-0-40&prev_scp=reqOrd%3D1%26reloadable%3Dyes%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=indash_trackable%3D9a745eaa07b81236c4f486e5cd37f511b2b2b063%26fdr_id%3D229253%26_fdr_id%3D229253%26tipo_pagina%3Dpost%26categorias%3Dbancos%252Cfinancas%26tipo_post%3Dpost%26utm_source%3Dnull&sc=1&cookie=ID%3Deb8c64abebb47475%3AT%3D1684928343%3AS%3DALNI_MZfjznVK8BLDPzw8L3YStqDuwjOCg&gpic=UID%3D00000c33aa748377%3AT%3D1684928343%3ART%3D1684928343%3AS%3DALNI_MaXjBsIuKbLirEAPhS1KaLobF43HA&abxe=1&dt=1684928345204&lmt=1684806486&dlt=1684928342044&idt=760&adxs=632&adys=1993&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&url=https%3A%2F%2Fvip-iugu.com%2F&frm=20&vis=1&psz=730x312&msz=730x280&fws=4&ohw=1600&ga_vid=611117631.1684928343&ga_sid=1684928344&ga_hid=713924905&ga_fc=true&ga_cid=444436593.1684928343&a3p=EhwKDWNyd2RjbnRybC5uZXQYu-e47IQxSABSAghkEhkKCnB1YmNpZC5vcmcY6Oi47IQxSABSAghqEhcKCHJ0YmhvdXNlGO3buOyEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi757jshDFIAFICCGQSFAoFb3BlbngY7du47IQxSABSAghkEhkKCnVpZGFwaS5jb20Yu-e47IQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiJ57jshDFIAFICCGo.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6c7a31078a5059c629d48d6f26d3176592e36364d415d03e70e9e03cc9ccf19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D754 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:03 GMT
expires
Thu, 23 May 2024 11:39:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 24 May 2023 11:39:05 GMT
server
ATS/9.1.10.57
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://vip-iugu.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
5e34621e80e5eb3f63d92981829583c2
ads
securepubads.g.doubleclick.net/gampad/ 		1021 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3887249608877984&correlator=3559621497983609&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=22002220734%2Cfdr.com.br%2CTop_Desktop_Mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C300x250&fluid=height&ifi=3&adks=6734720&sfv=1-0-40&prev_scp=reqOrd%3D1%26reloadable%3Dyes%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=indash_trackable%3D9a745eaa07b81236c4f486e5cd37f511b2b2b063%26fdr_id%3D229253%26_fdr_id%3D229253%26tipo_pagina%3Dpost%26categorias%3Dbancos%252Cfinancas%26tipo_post%3Dpost%26utm_source%3Dnull&sc=1&cookie=ID%3Deb8c64abebb47475%3AT%3D1684928343%3AS%3DALNI_MZfjznVK8BLDPzw8L3YStqDuwjOCg&gpic=UID%3D00000c33aa748377%3AT%3D1684928343%3ART%3D1684928343%3AS%3DALNI_MaXjBsIuKbLirEAPhS1KaLobF43HA&abxe=1&dt=1684928345233&lmt=1684806486&dlt=1684928342044&idt=760&adxs=632&adys=941&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&url=https%3A%2F%2Fvip-iugu.com%2F&frm=20&vis=1&psz=730x312&msz=730x280&fws=4&ohw=1600&ga_vid=611117631.1684928343&ga_sid=1684928344&ga_hid=713924905&ga_fc=true&ga_cid=444436593.1684928343&a3p=EhwKDWNyd2RjbnRybC5uZXQYu-e47IQxSABSAghkEhkKCnB1YmNpZC5vcmcY6Oi47IQxSABSAghqEhcKCHJ0YmhvdXNlGO3buOyEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi757jshDFIAFICCGQSFAoFb3BlbngY7du47IQxSABSAghkEhkKCnVpZGFwaS5jb20Yu-e47IQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiJ57jshDFIAFICCGo.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aba133f2a29105ff3bb49e7fb4503f1c781966a93f330a2aa8c2f20fda211c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 6216 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RQL80RY6XN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5bf51a10483f0a2879ed9c260c5bf8b881108f77679f77d49b1bc9e4e1cdf6ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74406
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 May 2023 11:39:05 GMT
js
www.googletagmanager.com/gtag/ Frame 6216 		188 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RZ8ETGC2K4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d59fdfe1274898c5a44889c3566ebcc1aecc7b6ed595047f1224e4fac86950a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70664
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 May 2023 11:39:05 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 64A4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QM77Q3P15P0CKECWTF12
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FBWKCVPFJBSGZDQ4A17X
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEkxTVRaQkgtOS1OR1k=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESED5_h48S9sOhle685G0qH14&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxTVRaQkgtOS1OR1k=&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxTVRaQkgtOS1OR1k=&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxTVRaQkgtOS1OR1k=&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
setuid
px.ads.linkedin.com/ Frame 64A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI1MTZBH-9-NGY
0
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI1MTZBH-9-NGY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 993011FBF2E344F9B1E01E254D8714F3 Ref B: PAR02EDGE0812 Ref C: 2023-05-24T11:39:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8bvOFjsnZC66kxO11Lw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LI1MTZBH-9-NGY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 64A4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SncWCN_PSTiV5mHlPbPCyQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SncWCN_PSTiV5mHlPbPCyQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SncWCN_PSTiV5mHlPbPCyQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
334TB2TC83P5MA0WAKWG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SncWCN_PSTiV5mHlPbPCyQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 64A4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 64A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/b2Uupgf8fIYGjg8P-TsI4g?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nBQmPIVE2oKpwwegbUSyn9Mqf6iWDuJFdPpbtw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nBQmPIVE2oKpwwegbUSyn9Mqf6iWDuJFdPpbtw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nBQmPIVE2oKpwwegbUSyn9Mqf6iWDuJFdPpbtw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 64A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbwvZmw0F5tKVaQsuMm3nk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbwvZmw0F5tKVaQsuMm3nk&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbwvZmw0F5tKVaQsuMm3nk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMyZGNhN2RkMWU3ZDQ4MTY3NjNkOWUxMzFlM2U5NjY1ZDNlOGFiNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMyZGNhN2RkMWU3ZDQ4MTY3NjNkOWUxMzFlM2U5NjY1ZDNlOGFiNw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWMyZGNhN2RkMWU3ZDQ4MTY3NjNkOWUxMzFlM2U5NjY1ZDNlOGFiNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
map
bcp.crwdcntrl.net/6/ 		60 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.130.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-130-244.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b7b3cd74c96838ca9611dda214a04b21ffdc89f03588653f6f5456d667654b92

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache
x-server
10.45.18.64
access-control-allow-credentials
true
content-length
60
expires
0
webworker.js
www.google.com/recaptcha/api2/ Frame F035 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4af09459e95d0e3b41af362888811cd76179c3bc5b57da2fa098f7727aaab373
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc62bIcAAAAALqzqasfuhKxRX0vxQOaYyB_XQxy&co=aHR0cHM6Ly9mZHIuY29tLmJyOjQ0Mw..&hl=pt-BR&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=9epmjx1svu1d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
1; mode=block
expires
Wed, 24 May 2023 11:39:05 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 082F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache,no-store
content-type
image/gif
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:04 GMT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
eu-u.openx.net/w/1.0/ Frame C938 		772 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3ca351bb2909e25fa9531d7005806d65e0d6c580fb6f77a991525c619f2c24be

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
450
content-type
text/html
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
rtb-csync.smartadserver.com/redir/ Frame B9F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8214394872625996297&gdpr=0&gdpr_consent=
43 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8214394872625996297&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache,no-store
content-type
image/gif
date
Wed, 24 May 2023 11:39:04 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Wed, 24 May 2023 11:39:05 GMT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8214394872625996297&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
usermatch
ssum-sec.casalemedia.com/ Frame 36EE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
bff572ec9342764949f6cf133956759760a35804fa483e42a19fa2ba71db2477

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2011
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:05 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 24 May 2023 11:39:05 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E836 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=c47b646d-f759-4f00-8390-6bd97343fe8c&gdpr=0&gdpr_consent=
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=c47b646d-f759-4f00-8390-6bd97343fe8c&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 24 May 2023 11:39:05 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x13 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=c47b646d-f759-4f00-8390-6bd97343fe8c&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 May 2023 11:39:04 GMT
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=226810f8-8988-46e1-98a4-666a37ae3f25&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redir
rtb-csync.smartadserver.com/ Frame E836
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA5EU7I2-8AAB9htAQA1g&gdpr=0
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA5EU7I2-8AAB9htAQA1g&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA5EU7I2-8AAB9htAQA1g&gdpr=0
Date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E836
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e220401f70f478a7eff4e&gdpr=0&gdpr_consent=
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e220401f70f478a7eff4e&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e220401f70f478a7eff4e&gdpr=0&gdpr_consent=
date
Wed, 24 May 2023 11:39:05 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 24 May 2023 11:39:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3e22cb67-372d-471b-b8a1-58ff9f7010cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame E836
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8TD7N0A6K1N26SFP1JDZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137897998489&gdpr=0&gdpr_consent=
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137897998489&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137897998489&gdpr=0&gdpr_consent=
Date
Wed, 24 May 2023 11:39:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=7sbWvfJ43j1m&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=7sbWvfJ43j1m&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
fr-FR
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=7sbWvfJ43j1m&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-hxr87
expires
-1
genericusersync.ashx
sync.tidaltv.com/ Frame E836 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b002:aa55:d04a:d829:3323 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
690139
content-length
0
expires
Wed, 24 May 2023 00:00:00 GMT
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/ Frame E836
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZG33WQAAAMqUnQBI
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-lcy-eglc8600043-LCY
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2607
x-timer
S1684928346.914597,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
17844

Redirect headers

x-served-by
cache-lcy-eglc8600043-LCY
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1684928346.673982,VS0,VE77
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZG33WQAAAMqUnQBI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
9.gif
id5-sync.com/i/102/ Frame E836 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
cksync.php
contextual.media.net/ Frame E836
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=1600537308
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=r1&refUrl=&vid=49283449033279299430715216000V10&ovsid=RX-41237731-dd67-4c5e-b42f-b728337a3392-003
61 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=r1&refUrl=&vid=49283449033279299430715216000V10&ovsid=RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:06 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=r1&refUrl=&vid=49283449033279299430715216000V10&ovsid=RX-41237731-dd67-4c5e-b42f-b728337a3392-003
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX41237731dd674c5eb42fb728337a3392003
content-type
text/html
/
b1sync.zemanta.com/usersync/smart/ Frame E836 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:05 GMT
bsync
visitor.omnitagjs.com/visitor/ Frame E836 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8554c0d7-28d6-46b5-92e5-1a372b07fb50&gdpr_consent=null&gdpr=0
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8554c0d7-28d6-46b5-92e5-1a372b07fb50&gdpr_consent=null&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8554c0d7-28d6-46b5-92e5-1a372b07fb50&gdpr_consent=null&gdpr=0
date
Wed, 24 May 2023 11:39:05 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame E836
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b1a6935b-f581-4405-9082-d8cc2a0cfc83&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b1a6935b-f581-4405-9082-d8cc2a0cfc83&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=b1a6935b-f581-4405-9082-d8cc2a0cfc83&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
s.ad.smaato.net/c/ Frame E836 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache, must-revalidate
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
C31pD3_sVeOfdOsLeZBMFXdZBQeuSFB-04_4irFGJSie2gQM7lr41w==
x-cache
FunctionGeneratedResponse from cloudfront
711890.gif
id.rlcdn.com/ Frame E836 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/ Frame E836
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.185.151.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-151-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
p
a.audrte.com/ Frame E836
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFmUE9LSVlYVExTZUNubGR4U1VaUDg4Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZlBPS0lZWFRMU2VDbmxk...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=4354139647387671599&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=9afHEdWncVDRMKR3a5-eHFHuA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=2430710121420823435&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.200.182.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-182-70.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 24 May 2023 11:39:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/universal/ Frame E836 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.151.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-151-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ Frame D92C 		404 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074816
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
64967
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127485
x-xss-protection
0
server
cafe
etag
17275677167730277524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 22 May 2024 17:36:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame D92C 		34 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vip-iugu.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06dd90eac80906a508dc736207adad90421f22589a8952b360c71c79870b1102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38
x-xss-protection
0
expires
Wed, 24 May 2023 11:39:05 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 14BF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4354139647387671599&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 24 May 2023 11:39:05 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x16 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 May 2023 11:39:04 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-8R_nDdxE2pkzxJDMAH4Z_c9MguyHHMcdSudE1Q--~A&expires=5&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 14BF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
Date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 14BF
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e2204019d8a537ced53ec&gdpr=0&gdpr_consent=
43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e2204019d8a537ced53ec&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=091e2204019d8a537ced53ec&gdpr=0&gdpr_consent=
date
Wed, 24 May 2023 11:39:07 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Wed, 24 May 2023 11:39:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
76670f3d-11f4-4c57-9fbd-654b2fa3018c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=5856040556656650501&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C21C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=CA1C474D-DB53-4993-A29E-3BE3E71F2CD0&gdpr=0&gdpr_consent=
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=CA1C474D-DB53-4993-A29E-3BE3E71F2CD0&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache,no-store
content-type
image/gif
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:04 GMT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=CA1C474D-DB53-4993-A29E-3BE3E71F2CD0&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
eu-u.openx.net/w/1.0/ Frame A631 		647 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5463934a02805e1b27bcd6de5ba1aeb5eaff28b8558135f62943e31af688afa3

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
403
content-type
text/html
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
dcm
aax-eu.amazon-adsystem.com/s/ Frame 14BF
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AGPQTW6KN6G4DFDH2C66
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=2430710121420823435&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 3F74
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8142337278588068361&gdpr=0&gdpr_consent=
43 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8142337278588068361&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache,no-store
content-type
image/gif
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Wed, 24 May 2023 11:39:05 GMT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=8142337278588068361&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
usermatch
ssum-sec.casalemedia.com/ Frame CE80
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
df4c28508b438e49632f243b488c493f88a1166d0a39345de07bfdcab00c3bfe

Request headers

Referer
https://csync.smartadserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1809
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:05 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Wed, 24 May 2023 11:39:05 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137899833488&gdpr=0&gdpr_consent=
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137899833488&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7236712137899833488&gdpr=0&gdpr_consent=
Date
Wed, 24 May 2023 11:39:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=sLu32eC4tIqrtuXe4L-s3re6tNyr6bHctro_k6w2
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=n3LC7FEub50d&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=n3LC7FEub50d&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
fr-FR
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=n3LC7FEub50d&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6d945594b4-4887d
expires
-1
genericusersync.ashx
sync.tidaltv.com/ Frame 14BF 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b002:aa55:d04a:d829:3323 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
654622
content-length
0
expires
Wed, 24 May 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZG33WQAMcZ4JegAp&gdpr=0&gdpr_consent=&_test=ZG33WQAMcZ4JegAp
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZG33WQAMcZ4JegAp&gdpr=0&gdpr_consent=&_test=ZG33WQAMcZ4JegAp
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-lcy-eglc8600043-LCY
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684928346.914584,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZG33WQAMcZ4JegAp&gdpr=0&gdpr_consent=&_test=ZG33WQAMcZ4JegAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
9.gif
id5-sync.com/i/102/ Frame 14BF 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
RX-41237731-dd67-4c5e-b42f-b728337a3392-003
sync.targeting.unrulymedia.com/csync/ Frame 14BF
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=4855094341
  • https://sync.1rx.io/usersync/turn/8142337278588068361?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
213.19.147.45 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
/
b1sync.zemanta.com/usersync/smart/ Frame 14BF 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.127 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:05 GMT
bsync
visitor.omnitagjs.com/visitor/ Frame 14BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8ad95624-2103-4df6-9f01-7f712a1e7646&gdpr_consent=null&gdpr=0
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8ad95624-2103-4df6-9f01-7f712a1e7646&gdpr_consent=null&gdpr=0
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=8ad95624-2103-4df6-9f01-7f712a1e7646&gdpr_consent=null&gdpr=0
date
Wed, 24 May 2023 11:39:05 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 14BF
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e89b19df-823a-4e70-9b41-c265f94ec0be&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e89b19df-823a-4e70-9b41-c265f94ec0be&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e89b19df-823a-4e70-9b41-c265f94ec0be&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
s.ad.smaato.net/c/ Frame 14BF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache, must-revalidate
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
1m68BfBpH_OXuLOjfOYgC7juO601g7xiHua6tBeJ3kE8lXiKtWG2Mg==
x-cache
FunctionGeneratedResponse from cloudfront
711890.gif
id.rlcdn.com/ Frame 14BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/ Frame 14BF
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.185.151.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-151-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
p
a.audrte.com/ Frame 14BF
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFmOUpEYlFWTTNRcHVLRGk4VHBlZ2ZZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZDlhZjlKRGJRVk0zUXB1S0Rp...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=4354139647387671599&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=9afHEdWncVDRMKR3a5-eHFHuA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=2430710121420823435&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=3764&dcid=10&iscname=false&cname=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.200.182.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-182-70.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 24 May 2023 11:39:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/universal/ Frame 14BF 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.151.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-151-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
xMQOuFFYT72X5wkB_18qmnndmSdSnk-NKQI.woff2
fonts.gstatic.com/s/sora/v11/ Frame D92C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sora/v11/xMQOuFFYT72X5wkB_18qmnndmSdSnk-NKQI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@400&family=Source+Sans+Pro:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fc0e57273a6e0088003f4eda4b25f7d5a13552499b1e7195e8ac4f53b926683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 01:51:04 GMT
x-content-type-options
nosniff
age
35281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13380
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 18:20:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 May 2024 01:51:04 GMT
usync.js
eus.rubiconproject.com/ Frame C515 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8eaf9c2f092d7e9365f8831602f55078069433c673bc3a4d0c7281702101f063

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 21:16:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34640
Connection
keep-alive
Content-Length
10085
Expires
Wed, 24 May 2023 21:16:25 GMT
sid
mug.criteo.com/ Frame 11B8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=vip-iugu.com&sn=ChromeSyncframe&so=0&topUrl=vip-iugu.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=gmuPQnw4ZHJJTjA5M09SQVB3dmNOUFBTdUxoeE8xeWVtWFl3cnkzK1VrUzVqVzVMLzdUc1ovRlAxQTR2VlkrbXNPemFmTFR0d2hQVkdjZlB1SHk3TzdVa0IrVlhBWVhOMFZkSjN1UWZXUGFvVUN0Y3p3OWgxcTNTQ2w3RH...
436 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gmuPQnw4ZHJJTjA5M09SQVB3dmNOUFBTdUxoeE8xeWVtWFl3cnkzK1VrUzVqVzVMLzdUc1ovRlAxQTR2VlkrbXNPemFmTFR0d2hQVkdjZlB1SHk3TzdVa0IrVlhBWVhOMFZkSjN1UWZXUGFvVUN0Y3p3OWgxcTNTQ2w3RHE0eEQ5OFNNZTFuMzJKNTkwYUQ3cTROWGs5cmdwMmhIM1NubXQxcmo3VkpJejJlcnE0MHVtREM4UnRZMkJqTER2UkhKRm0vWWY3dVVkcG95OXVNRmk3VkV4bGNxK0JJaFlNUjk3a0R2cE8xWHhRYXFrbDJFUFlZZVNPNlpkbE1vb0N5b05kSXZ2YzhiVmwzU0w4TFRIVzhYcDdTNEl0dz09fA&cppv=2
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
604ba4151e685f19bb39de98a50f4f9efb4ca0b4306b39fb0707410ea0928bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1004612
expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=gmuPQnw4ZHJJTjA5M09SQVB3dmNOUFBTdUxoeE8xeWVtWFl3cnkzK1VrUzVqVzVMLzdUc1ovRlAxQTR2VlkrbXNPemFmTFR0d2hQVkdjZlB1SHk3TzdVa0IrVlhBWVhOMFZkSjN1UWZXUGFvVUN0Y3p3OWgxcTNTQ2w3RHE0eEQ5OFNNZTFuMzJKNTkwYUQ3cTROWGs5cmdwMmhIM1NubXQxcmo3VkpJejJlcnE0MHVtREM4UnRZMkJqTER2UkhKRm0vWWY3dVVkcG95OXVNRmk3VkV4bGNxK0JJaFlNUjk3a0R2cE8xWHhRYXFrbDJFUFlZZVNPNlpkbE1vb0N5b05kSXZ2YzhiVmwzU0w4TFRIVzhYcDdTNEl0dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
314660
content-length
0
expires
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D92C 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sora:wght@400&family=Source+Sans+Pro:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vip-iugu.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:12:56 GMT
x-content-type-options
nosniff
age
498369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 May 2024 17:12:56 GMT
Como-recuperar-a-senha-da-nota-fiscal-paulista-SAIPOS-Sistema-para-Restaurantes-1-scaled.jpg
fdr.com.br/wp-content/uploads/2020/09/ Frame D92C 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fdr.com.br/wp-content/uploads/2020/09/Como-recuperar-a-senha-da-nota-fiscal-paulista-SAIPOS-Sistema-para-Restaurantes-1-scaled.jpg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.221.209 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-221-209.rev.poneytelecom.eu
Software
nginx/1.23.1 / PHP/7.4.30
Resource Hash
4c4bac1ac3c4932377504fe1f8e95886f74ba699c3f3eb565b15e39af1bf1c76

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
server
nginx/1.23.1
x-powered-by
PHP/7.4.30
content-type
image/webp
data2-cache-status
HIT
data2-cdn
DATA2-BR-2
cache-control
max-age=315360000
accept-webp
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C938 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=d9bd8476-d908-0e21-35dd-5cd939e97647
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
58f375ca-d866-a304-4398-f410e0ad60c8
pr-bh.ybp.yahoo.com/sync/openx/ Frame C938 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/58f375ca-d866-a304-4398-f410e0ad60c8?gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:cc5:dc1b:2834:9d22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
eu-u.openx.net/w/1.0/ Frame C938
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=K5IyZHMN1Q1MPD5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=K5IyZHMN1Q1MPD5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=K5IyZHMN1Q1MPD5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C938
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=e1f8f63c98954d2fabdc4e20b67e730c&ssp=openx&bsw_param=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&consent=&gdpr_pd=&expires=7
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame C938
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5856040556656650501
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5856040556656650501
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 24 May 2023 11:39:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a3f98ba7-5951-4eb2-b6a0-6d794f54aee1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5856040556656650501
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox
match.prod.bidr.io/cookie-sync/ Frame C938 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.255.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-255-219.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C938
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9229646d-f759-4700-95c1-383303285949
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9229646d-f759-4700-95c1-383303285949
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 24 May 2023 11:39:05 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x26 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9229646d-f759-4700-95c1-383303285949
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 May 2023 11:39:04 GMT
css2
fonts.googleapis.com/ Frame D754 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 May 2023 11:12:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 May 2023 11:39:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DE4C 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPsIBC7jo4CGKOmk-YBMAE&v=APEucNUBmEZi-ohWYL_EDW91KL6Kos3jBTjO5mZxyHJdKOGLqu8qZgVd8EDhCefbLfA-izv-yarpRGzmdE8gzvmhKJch2WPxxV9moMSSxWbaYeKXHZyhU5wzVwnesXcz5iuPvplaV4R3_3n8FoI1dGpl8WsRtlx1qdhNTxgrv6Q1I8hRNxNxS0M
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6CB0 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 6CB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 16:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
70013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 16:12:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 6CB0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 21:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
49362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 21:56:23 GMT
l
www.google.com/ads/measurement/ Frame 6CB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEcp5MPWff7rTsd_x5wNqAXiOso9i8LtoSIrch2tk0c3oFaOZEmuNYZ4ko_-6cFLcDIKYpKPDWUyFnj7-Tvm93oKQH8Q
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CB0 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54262
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684757038394838"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 11:39:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB0 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DThhSacvYArjKRAmkqBZXm0G44UyVJTN0TRzthRW9pnC3L6mIksZl5eJMqBOw96I9kOXbYgSyQCLTkpspO2OyedxjPhjq8in--VZmihnJN8wjVLWg
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB0 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8951421992493104121&x=1&ct=76
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame D754 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 22:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
49143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8271
x-xss-protection
0
server
cafe
etag
10419244916965318868
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 22:00:02 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 34C5 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56626164&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
46368803ca153af9fe50faa60c46746492b90334e5c454c5b63869a3dc53cc49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame D9A1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8eaf9c2f092d7e9365f8831602f55078069433c673bc3a4d0c7281702101f063

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 21:16:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34640
Connection
keep-alive
Content-Length
10085
Expires
Wed, 24 May 2023 21:16:25 GMT
debug
trc-events.taboola.com/unknown-site-on-gridmidia-network/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/unknown-site-on-gridmidia-network/log/2/debug?tim=11%3A39%3A05.619&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=4643&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20206
debug
trc-events.taboola.com/unknown-site-on-gridmidia-network/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/unknown-site-on-gridmidia-network/log/2/debug?tim=11%3A39%3A05.621&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=6155&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20206
debug
trc-events.taboola.com/unknown-site-on-gridmidia-network/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/unknown-site-on-gridmidia-network/log/2/debug?tim=11%3A39%3A05.621&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=4484&cv=20230524-4-RELEASE&lt=deflated&pct=1
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20206
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-59848279-52&cid=611117631.1684928343&jid=808167071&_u=aEDAAEABAAAAACAAI~&z=1056549454
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-59848279-52&cid=611117631.1684928343&jid=808167071&_u=aEDAAEABAAAAACAAI~&z=1056549454
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A631 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=d9bd8476-d908-0e21-35dd-5cd939e97647
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A631 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame A631 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=86b5dd7e-1f7b-0b27-2051-64d31e8feebb
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.26.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-26-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame A631
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG33WQAMcZ4JegAp
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG33WQAMcZ4JegAp
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-lcy-eglc8600043-LCY
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684928346.804745,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZG33WQAMcZ4JegAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame A631
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel-eu.onaudience.com/?partner=268&smartmap=1&gdpr=&gdpr_consent=&redirect=us-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=cb48b995552f7aca/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DF1rNcAsvjhWShRRVVVXMTgjg
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=F1rNcAsvjhWShRRVVVXMTgjg
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=F1rNcAsvjhWShRRVVVXMTgjg
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=F1rNcAsvjhWShRRVVVXMTgjg
content-length
0
sd
us-u.openx.net/w/1.0/ Frame A631
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame A631
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=E2KZsuFMiGOUO65SzOOXOw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3887249608877984&correlator=986417207913408&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=22002220734%2Cfdr.com.br%2CContent10_Desktop_Mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C300x250&fluid=height&ifi=4&adks=1783358673&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=indash_trackable%3D9a745eaa07b81236c4f486e5cd37f511b2b2b063%26fdr_id%3D229253%26_fdr_id%3D229253%26tipo_pagina%3Dpost%26categorias%3Dbancos%252Cfinancas%26tipo_post%3Dpost%26utm_source%3Dnull&sc=1&cookie=ID%3Deb8c64abebb47475%3AT%3D1684928343%3AS%3DALNI_MZfjznVK8BLDPzw8L3YStqDuwjOCg&gpic=UID%3D00000c33aa748377%3AT%3D1684928343%3ART%3D1684928343%3AS%3DALNI_MaXjBsIuKbLirEAPhS1KaLobF43HA&abxe=1&dt=1684928345739&lmt=1684806486&dlt=1684928342044&idt=760&adxs=632&adys=3090&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&url=https%3A%2F%2Fvip-iugu.com%2F&frm=20&vis=1&psz=730x64&msz=730x0&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=611117631.1684928343&ga_sid=1684928344&ga_hid=713924905&ga_fc=true&ga_cid=444436593.1684928343&a3p=EhwKDWNyd2RjbnRybC5uZXQYu-e47IQxSABSAghkEhkKCnB1YmNpZC5vcmcY6Oi47IQxSABSAghqEsIBCghydGJob3VzZRKsATQ5cWd4MWx1eDJscFJyTXRZNkVmL0daVi9nY2lYM3dOSnV6NUM5QmhMRFZhN0Fya0wyU0x5Zk83eCsweTc2eEhEWVBvRWV0VXl0b3lPNU5HUHNla0FNQ0pxc2FUU1dWblBYb2Z6WWtqa01pWEpFV0hVUjJNeTdrTkdmQlZrZkQ3WVpYdFF6eVlDU1UzOE1kT0tLcEFXUDJRR1dZUVArYm4ybUMzekFHemphRT0Yqum47IQxSAASHQoOZXNwLmNyaXRlby5jb20Yu-e47IQxSABSAghkEhQKBW9wZW54GO3buOyEMUgAUgIIZBIZCgp1aWRhcGkuY29tGLvnuOyEMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yney47IQxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39d2bb0bea0d1d190164be112aadcc1b0546b64d272504fc9b1e39dd07862bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10444
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3DFF 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
AN-X-Request-Uuid
2d42c25f-ee87-49a1-bc32-82cae51c9ebc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 36EE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=0
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZG33WUCmdsnwNP.4UHU-RgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 36EE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=0&gdpr_consent=&id=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MS1RENTKTNJEQKZZ0AR1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 36EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 36EE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 36EE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
demconf.jpg
dpm.demdex.net/ Frame 36EE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZG33WUCmdsnwNP.4UHU-RgAA%262157?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZG33WUCmdsnwNP.4UHU-RgAA%262157
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZG33WUCmdsnwNP.4UHU-RgAA%262157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
52.31.219.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-219-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0d8a0b8fe.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ETrEtHEzRDY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v048-034cd99df.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
iPPD7MjZS6w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZG33WUCmdsnwNP.4UHU-RgAA%262157
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 36EE 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:cc5:dc1b:2834:9d22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 36EE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Server
2a05:d018:d29:3601:cc5:dc1b:2834:9d22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
rtb-csync.smartadserver.com/redir/ Frame 36EE 		43 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=33&partneruserid=ZG33WUCmdsnwNP.4UHU-RgAA%262157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
casale
match.adsrvr.org/track/cmf/ Frame CE80 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame CE80
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=0
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZG33WUCmdsnwNP.4UHU-RgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&gdpr=0&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CE80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=0&gpp=&gpp_sid=&google_gid=CAESEGWZ6sOE-Rib1O10-tiIqgI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
365
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CE80 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=0&gdpr_consent=&id=ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H300NF54NJ7A7W13RM9Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CE80
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEOSU7I2-8AACBVUGRWWg&expiration=1686137945&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEOSU7I2-8AACBVUGRWWg&expiration=1686137945&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEOSU7I2-8AACBVUGRWWg&expiration=1686137945&gdpr=0
Date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame CE80
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yxKCxpsRgZXQH9DBmxaZwcwTgcPQQITDzRMhX9So
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yxKCxpsRgZXQH9DBmxaZwcwTgcPQQITDzRMhX9So
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yxKCxpsRgZXQH9DBmxaZwcwTgcPQQITDzRMhX9So
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CE80 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZG33WUCmdsnwNP-4UHU_RgAACG0AAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:cc5:dc1b:2834:9d22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame CE80
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=0
Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame CE80 		43 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=33&partneruserid=ZG33WUCmdsnwNP.4UHU-RgAA%262157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
analytics.js
www.google-analytics.com/ Frame D92C 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207012791-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 May 2023 10:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3811
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 24 May 2023 12:35:34 GMT
async_usersync
ib.adnxs.com/ Frame 3003 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:05 GMT
AN-X-Request-Uuid
9adbb3ea-8aaf-4e90-addc-c3a6615e2a67
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame C515 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LI1MTZBH-9-NGY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame DE4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPsIBC7jo4CGKOmk-YBMAE&v=APEucNUBmEZi-ohWYL_EDW91KL6Kos3jBTjO5mZxyHJdKOGLqu8qZgVd8EDhCefbLfA-izv-yarpRGzmdE8gzvmhKJch2WPxxV9moMSSxWbaYeKXHZyhU5wzVwnesXcz5iuPvplaV4R3_3n8FoI1dGpl8WsRtlx1qdhNTxgrv6Q1I8hRNxNxS0M
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DE4C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZG33WUCmdsnwNP.4UHU-RgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPsIBC7jo4CGKOmk-YBMAE&v=APEucNUBmEZi-ohWYL_EDW91KL6Kos3jBTjO5mZxyHJdKOGLqu8qZgVd8EDhCefbLfA-izv-yarpRGzmdE8gzvmhKJch2WPxxV9moMSSxWbaYeKXHZyhU5wzVwnesXcz5iuPvplaV4R3_3n8FoI1dGpl8WsRtlx1qdhNTxgrv6Q1I8hRNxNxS0M
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHYMmAYgSy5UbwTX48XFwjc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DE4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJuNeQIE-sCbuM_Fh0kMXHo&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJuNeQIE-sCbuM_Fh0kMXHo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPsIBC7jo4CGKOmk-YBMAE&v=APEucNUBmEZi-ohWYL_EDW91KL6Kos3jBTjO5mZxyHJdKOGLqu8qZgVd8EDhCefbLfA-izv-yarpRGzmdE8gzvmhKJch2WPxxV9moMSSxWbaYeKXHZyhU5wzVwnesXcz5iuPvplaV4R3_3n8FoI1dGpl8WsRtlx1qdhNTxgrv6Q1I8hRNxNxS0M
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:06 GMT
AN-X-Request-Uuid
7fca10a8-8e87-42ec-ac47-378978ef0169
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJuNeQIE-sCbuM_Fh0kMXHo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE4C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJPsIBC7jo4CGKOmk-YBMAE&v=APEucNUBmEZi-ohWYL_EDW91KL6Kos3jBTjO5mZxyHJdKOGLqu8qZgVd8EDhCefbLfA-izv-yarpRGzmdE8gzvmhKJch2WPxxV9moMSSxWbaYeKXHZyhU5wzVwnesXcz5iuPvplaV4R3_3n8FoI1dGpl8WsRtlx1qdhNTxgrv6Q1I8hRNxNxS0M
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 24 May 2023 11:39:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a4985630-79c9-420a-a671-652d776661af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.fr/adsid/ Frame D92C 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=vip-iugu.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D92C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vip-iugu.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
RrTv1CW2D5U.png
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 3C08 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/RrTv1CW2D5U.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a558097700b7d43ab370181ad21f135afd5318e000a2844c5d2bdca97d6ae8ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
x-content-type-options
nosniff
content-md5
/VHakIX1zd7YWIXa1Ya6RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
59596
x-fb-rlafr
0
x-fb-debug
vUoHiosVERcZ/iaroE6R9lHzACuaBi24esU+9zcabqHYSBzbSdnezwqbzExV6c+4HdAQtsTTKsSQMzmh53/bNw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 09 May 2024 20:06:17 GMT
odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 3C08 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=624959032072979&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df150c2821fc173c%26domain%3Dvip-iugu.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvip-iugu.com%252Ff150f31bc94b0e4%26relation%3Dparent.parent&container_width=730&height=100&href=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&lazy=true&locale=pt_BR&numposts=15&sdk=joey&version=v12.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
x-content-type-options
nosniff
content-md5
8E8V7SJfv5OQxsrCIaL7hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1131
x-fb-rlafr
0
x-fb-debug
rFmNKJJOVzfPqkp9mj6brogvO0b6idQ1jmBK1M4jetkLoxCmmwKM0sf4B4pr6EMVXAugQNPlToRp07o1HXzhEA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/jpeg
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 May 2024 22:57:59 GMT
collect
region1.google-analytics.com/g/ Frame 6216 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RQL80RY6XN&gtm=45je35m0&_p=573546580&cid=519698379.1684928345&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&dt=&dr=&sid=1684928345&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.read_aloud_url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&ep.client_storage=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQL80RY6XN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gstatic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5935472346484&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5935472346484&version=m202301230201&ct=76&x=1&cor=8951421992493104000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6CB0 		79 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvMstOKpH75PdSR-ZhkQ7OKudqDqinq3GNBd9Q-4wKIXFFs7CRXLX2zR7WcraPcspvKCmo8d_IpoH0wAdD3D45adyjzg&cry=1&dbm_d=AKAmf-AlJW-hGMAuSZVq8ZhP3xBn3R-ds4sX-mhEgsl7d_BwbwbRv6YP8teYqNy5wPFiXEncjIP3kr7tX3HWb0l2AJGAgU2DKqz_wGfDoLJbnDp8QM9YVqQyK_Dzluj2Iy_J2ZaORNORNhDf3bgYoDK6SVGITpo1Q6iAXjVpXWYsF18mYiqLiK2JpzDsh2ye5bTLOk0v9H910qOLQgmmhn-D3M39Vr8fci1DNv4LJ-gdAndWz4eSLtWeZGI49mFiP4fl3E2r8vHZQbU4_9PYMVpqaCkTbmLhKbvwxXwY9x96K9quMtpikitRikJqrmcaKPvxTE0w9sa0S-jKqf3LOmPrWbtllWgxI12OStcNNpOLeklMxFzDVoeIe_qvMALVwdB9rygi3mqsnytcxNxWHybWzctt6_wwcMfkrRBwo9ecja5xwIPWMiOMowgNZRyT9r7hO1L7aFnmlKoTFe3C7l0hBuflwwIOBLC_eX3Q1L2x5TLqYv-ujmqnbORttTy6PSkbaRCJ0yQclLnvCjHEonhgit_okGXPpfEhzhnkqnNgt-Ix0v2OisEdI_Uln9EZpwnDFNKYhUM29u2_1O7xacAnSFpIcKsTnHcbhIzfznRmB0ZeEIzdjk_i03Nk69EvPJgAWwFEe0wrXPWpPfC27kjLhkaP931SPsU8yUcThnrlcN3w76amekfelZ0q8imBgj-8sXauqLU4aAZVzO_bIpGTyv0o2AFMLkbyNWBLUaW_SNsDQejtzi8JsvooPnweGCf9TQ49cFkniLV7xarfOjKA4209cBmm3NnETX14iiWU1oH1-sem5G5NSWs-HfBps719iw5wEPk3i4v6xO7mQrCeKd6YoedhFZUx7Hj2VUOtMc7YkBylumYBZi-vO1pnZowXtukOyArOHWjDd9-9UaQFwp1JozionSHmI6Y_666TEV7rmzzsglQTB0auTdNo50HVdrKJkxU4Emhj98kZStpl4rqtFBy4Y8AT_ou2XtpaJ397vvj69Y4te3Cnr8tiyfv8DXtZNepMQInTgNIVZHzrk18xsPKUPDvS_Ej48pgQOqycPbiruRZCwr0cNT8X6v9z2vDvncowiYfykAKEkyS5I7ibHJU731PCdVL9wGBh17ku-Xiapo11rvl_I25enCPYAHnXeEwQ8rFMzIrn7X-G9Gdpa1sw6VuYz73RS5v8WUvHbaGs4_Nmq2F5dY0bv2VHTwRMxim5VGZgk7KC4aO8p-8c99_bDUxrBFnSDzGpxC3qd-bpZR9MVAbeWz8E9fXskNRYdPmIR8_vVKIjz1vijYna2jE0kTg9lcS3xHJvuqU6ttrqD1z90BAAiZuyg07IejvO3c5JtWU7cBaQ7noX62nUKLYKc00ozRE6wK6fNluG0A3LJWwJggzNctfmkNQp7_AJmIxUrAsj7sjxyiGJXYa0FmiwpQE7TzSz3iGQsn7vV1RxnHB-ZDAs9msvW0B_oeVuVgwEKuucesRB2iEVpvVrrPiJViQq6R6hnwpHKVjChHl6IaS-gRH-limh6Fq02vBrkWagt8BC8x5sZzeEftbuk-JrOdiVpXN2LDmA6Eno57ETGLjOLRSuKFjlameJrzLss7CzQxJeRSaCnHl_qaoecePDxOzic_ojBHIMYOzNFWWSdF6wNQWQwQTGxsZiyWw8vzGK2g0trbrSOONuyEQ8wGUXMp8ZIcLzukwLmk0niaLJB1pN_jeuqJmMia8gOZFP3oHqPWx73rFJriuEuEbnn3bgdbs91cWKqAWGtH9pzpkNQwS4YvqWGSTrQqQ6-IBZRWvmdZjfbgE1nCZ6URCeABktv_nLSlnAFD9JwOoiAEnKPwBgReGE9yacGok9NRvDVPlVFmhtxrvtuh96uAClA2s55k7qVHabzTTn9kqfQBaZCamTXfdEunkzS4VcFLRDb6AcZcwmEzVxf5k6O0zAHechn13LLpbNdK2Xh3X7GMqHAi4ja0-2i3_VdkyxSAGl3uE9fqlYnvhW7NMPfYBApCqPotJDyKS2MZNLQw3hPFWW9kfQWArFkCNd8xigILZAA-Vp46MzlERBPV_9ufMWogyMHtzhB833sP9Ej2cKnOupK26_HwUkNOUcqbVpjQsVn8bhYPfKdnbnCMvQ_cVYFbc-9gnoLo0hKKQ9ob9_at6qTjf41GevCZeIhBtJG-Ztzj31GgooTeZSYGhEl2uy18Olmr6bxf5Vlp6N2FFCZujL1ZvAtd_gE0dojl6Jw4X5y8Mx4pjCMQ57xBKUmJvxg5XWiqG5RxYkqEMnRSAqESJvGbeRljzxZumoxdrH5HNPKjKQaWaXu0COq9GT4jbxjBky2x4J-5c_lhzDQULzVV-3kFqpt_QIYf45C0saAi12JDw738i_zNRnjPWl-CJedhaCPiFR004wXQfTE9pG4Te5TCyqtjaIB3d25i3JGWoOrmfRHzMyTAmx3KUK5EdIKnR7q_iSlC1wMgPWphTNHWAk1QLgBqNTPp0QljVTKewxmlt5Y3mZ6NHxzXrd9v76PeALqLymPTNaaljD7tWrBJVj_pLC3PSeGB7nD-zHdpBNrKv3nwnksZLR41y6OHee-Old7SLHMOrSsX-xyfz-XPKIStHaGtOGyoZo5RG0vpW_MW4nN9eCNqBCv_keRjLZaFYEPxpmkbged7gb6SvZNu4lCCuzIHz41wdFy17wZNyRBYhFUpvJZqkST0QDYTytPzloMOeb6aDZEJKbM1Uue8b23cJFzdcWn3XYSqWSnwnP7olSzddR0COpi3D8pyn4pseHh2g3yG55zfAMcvROEAwLoVBZ59rDRNXYta4Aw10TOmoFXe0pJ25xTCf06-Zj0msbd_5Kim84DETUqBifkH3AuDDfvZI0oErjZR22g2P_MIFDAxJ8IUdLt4s1fDGR_lyqk6ccR8A4VbYyoPblDkX_RnU7pGPQXm6ozxulrA7Ref-1Tq2nZ9pCsHpEYqMLwHy9zT2piW-ZXnMxeXeLYpGMtlmHOemZtbye6sbBPdykXMC0jC6fpEyw5GRKC9RbCGvTapecDNWHF8HN0ctVZFWTSINfY568uLXd1hFj72p6ZjY2j6YCEJPDaNl7tqFLjE4d8MMKckx3QAYaPlCmq-IvLynCwZDDxctmaAfVd7j2t-09WbGa4484BwD3j5KpCEVP3sbRlNSMPgepA5riMEcOISsugkmpgNrYlxUi6FpQTTwWRvWt0aqim100bXltb0GS3M4tDDa5qCLK51aTRjjOikpubvBmqKqW-aZPtWiUiVP4&cid=CAQSPABygQiDtzx6eqUI_q6YKGNR8ycJDd_vwhyicU6wLJ9KNhmBHRuRiW7ywMepllvQpsB_vqL0uHnQdWQ34hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fvip-iugu.com%2F&ds=l&xdt=1&iif=1&cor=8951421992493104000&adk=1898548631&idt=186&cac=0&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fef9bdb0e588f1f297c65edb1f1678de348c48ca1a68356bd875ac997ccb8ea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36764
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ Frame 6216 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RZ8ETGC2K4&gtm=45je35m0&_p=573546580&cid=2118410597.1684928345&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&dt=&dr=&sid=1684928346&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.read_aloud_url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&ep.client_storage=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZ8ETGC2K4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gstatic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 75C4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
42 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 24 May 2023 11:39:06 GMT
Expires
Wed, 24 May 2023 11:39:05 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master cdg-pixel-x29 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9229646d-f759-4700-95c1-383303285949&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 308F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727906168966
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727906168966
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 24 May 2023 11:39:06 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727906168966
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 5D64
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:05 GMT
expires
Wed, 24 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
847024
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pubmatic
d5p.de17a.com/getuid/ Frame 5300 		35 B
125 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.181 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame F657 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1663283F-490C-4B0F-83AC-BF248722F976&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 24 May 2023 11:39:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QJHV0P6WQ2QQHDZZK66W
Pug
image2.pubmatic.com/AdServer/ Frame 9534
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 24 May 2023 11:39:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 0655
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5856040556656650501&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5856040556656650501&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
9d3c4a83-dc8b-42bc-b3f9-8c8070a8d9b7
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 24 May 2023 11:39:06 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5856040556656650501&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2CB8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236712137899833488&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236712137899833488&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 24 May 2023 11:39:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7236712137899833488&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1249 		85 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy-eglc8600043-LCY
x-timer
S1684928346.228029,VS0,VE78
Pug
image2.pubmatic.com/AdServer/ Frame ADE9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFT1NVN0kyLThBQUNCVlVHUldXZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_init...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEOSU7I2-8AACBVUGRWWg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEOSU7I2-8AACBVUGRWWg&pid=558502&do=add&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 24 May 2023 11:39:06 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOSU7I2-8AACBVUGRWWg&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FEE3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ld407ELKX49W5B1_4sBx81ze1BA&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ld407ELKX49W5B1_4sBx81ze1BA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 24 May 2023 11:39:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ld407ELKX49W5B1_4sBx81ze1BA&gdpr=0&gdpr_consent=
cm
ipac.ctnsnet.com/int/ Frame 42DF 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 24 May 2023 11:39:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame BCFC
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 24 May 2023 11:39:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 014C 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 24 May 2023 11:39:06 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-75d83daf3d89@version_1.551v2
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame 53E1 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 24 May 2023 11:39:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
i.match
s.tribalfusion.com/z/ Frame D5ED
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cc541956f8fd2b3-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cc541944ef0d2b3-CDG
content-type
text/html
date
Wed, 24 May 2023 11:39:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
517
Pug
simage2.pubmatic.com/AdServer/ Frame 6570
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
42 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
contextual.media.net/ Frame B865 		61 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=pba&refUrl=&vid=49283449033279299430715216000V10&ovsid=1663283F-490C-4B0F-83AC-BF248722F976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Wed, 24 May 2023 11:39:06 GMT
expires
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FmMoP0kMSw-DrL8khyL5dg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=152304
accept-ranges
bytes
content-length
5554
expires
Fri, 26 May 2023 05:57:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 34C5 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.22.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-22-70.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.199
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 34C5
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2184580283
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2184580283
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
last-modified
Wed, 24 May 2023 11:39:06 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
last-modified
Wed, 24 May 2023 11:39:06 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2184580283
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 34C5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=1663283F-490C-4B0F-83AC-BF248722F976
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFmSEVkV25jVkRSTUtSM2E1LWVIRkh1QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4354139647387671599&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
34.200.182.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-182-70.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 24 May 2023 11:39:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTY2MzI4M0YtNDkwQy00QjBGLTgzQUMtQkYyNDg3MjJGOTc2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRkuitHRKXo5Z54iiIEXi4&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRkuitHRKXo5Z54iiIEXi4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENRkuitHRKXo5Z54iiIEXi4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 34C5 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 23 May 2023 11:39:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4354139647387671599
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4354139647387671599
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4354139647387671599
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 34C5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1663283F-490C-4B0F-83AC-BF248722F976&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nB6CgEtE2uUov0c9F5gqw..xxNtZ1co-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nB6CgEtE2uUov0c9F5gqw..xxNtZ1co-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nB6CgEtE2uUov0c9F5gqw..xxNtZ1co-~A&gdpr=0
date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1663283F-490C-4B0F-83AC-BF248722F976
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 34C5 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1663283F-490C-4B0F-83AC-BF248722F976?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:cc5:dc1b:2834:9d22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559727906168966&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59d8d7a1-b30d-4117-b1d3-268fc6501b02&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 34C5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 34C5 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5856040556656650501
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5856040556656650501
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 24 May 2023 11:39:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b08fdedb-8702-49cc-aa0e-6ecbde47484c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5856040556656650501
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 24 May 2023 11:39:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8142337278588068361&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 34C5
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2f9d9f5a-94d6-48f7-b2a3-50eb1e37d001&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2f9d9f5a-94d6-48f7-b2a3-50eb1e37d001&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:2f9d9f5a-94d6-48f7-b2a3-50eb1e37d001&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 24 May 2023 11:39:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
collect
www.google-analytics.com/j/ Frame D92C 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=760223157&t=pageview&_s=1&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=730x507&je=0&_u=QACAAUABAAAAACAAI~&jid=979977843&gjid=14405424&cid=611117631.1684928343&tid=UA-207012791-1&_gid=444436593.1684928343&_r=1&gtm=457e35m0&jsscut=1&z=900985052
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame D92C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=760223157&t=event&ni=1&_s=2&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=730x507&je=0&ec=card_view&ea=card_view&el=A4246F344EAF89B9427C181E3D10C19F30173534&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-207012791-1&_gid=444436593.1684928343&gtm=457e35m0&jsscut=1&z=773365710
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40130
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame D92C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=760223157&t=event&ni=1&_s=3&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=730x507&je=0&ec=card_view&ea=card_view&el=09B2C235D01E6D95215C2A00D487562A4E264B98&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-207012791-1&_gid=444436593.1684928343&gtm=457e35m0&jsscut=1&z=1414351684
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40130
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame D92C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=760223157&t=event&ni=1&_s=4&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=730x507&je=0&ec=card_view&ea=card_view&el=0D23130DAEA3D6ACB2B5A6BDA019E8F09A8EC302&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-207012791-1&_gid=444436593.1684928343&gtm=457e35m0&jsscut=1&z=518695488
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40130
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame D92C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=760223157&t=event&ni=1&_s=5&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=730x507&je=0&ec=card_view&ea=card_view&el=0AB14A898F4E754F2B2F3B538D759FC8FADFF412&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-207012791-1&_gid=444436593.1684928343&gtm=457e35m0&jsscut=1&z=951053732
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40130
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame D92C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=760223157&t=event&ni=1&_s=6&dl=https%3A%2F%2Fvip-iugu.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=730x507&je=0&ec=card_view&ea=card_view&el=0C0F4AB6BC7DA029C3B0975903D5DD8831BE3782&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=611117631.1684928343&tid=UA-207012791-1&_gid=444436593.1684928343&gtm=457e35m0&jsscut=1&z=2106857694
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 00:30:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40130
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 6CB0 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvMstOKpH75PdSR-ZhkQ7OKudqDqinq3GNBd9Q-4wKIXFFs7CRXLX2zR7WcraPcspvKCmo8d_IpoH0wAdD3D45adyjzg&cry=1&dbm_d=AKAmf-AlJW-hGMAuSZVq8ZhP3xBn3R-ds4sX-mhEgsl7d_BwbwbRv6YP8teYqNy5wPFiXEncjIP3kr7tX3HWb0l2AJGAgU2DKqz_wGfDoLJbnDp8QM9YVqQyK_Dzluj2Iy_J2ZaORNORNhDf3bgYoDK6SVGITpo1Q6iAXjVpXWYsF18mYiqLiK2JpzDsh2ye5bTLOk0v9H910qOLQgmmhn-D3M39Vr8fci1DNv4LJ-gdAndWz4eSLtWeZGI49mFiP4fl3E2r8vHZQbU4_9PYMVpqaCkTbmLhKbvwxXwY9x96K9quMtpikitRikJqrmcaKPvxTE0w9sa0S-jKqf3LOmPrWbtllWgxI12OStcNNpOLeklMxFzDVoeIe_qvMALVwdB9rygi3mqsnytcxNxWHybWzctt6_wwcMfkrRBwo9ecja5xwIPWMiOMowgNZRyT9r7hO1L7aFnmlKoTFe3C7l0hBuflwwIOBLC_eX3Q1L2x5TLqYv-ujmqnbORttTy6PSkbaRCJ0yQclLnvCjHEonhgit_okGXPpfEhzhnkqnNgt-Ix0v2OisEdI_Uln9EZpwnDFNKYhUM29u2_1O7xacAnSFpIcKsTnHcbhIzfznRmB0ZeEIzdjk_i03Nk69EvPJgAWwFEe0wrXPWpPfC27kjLhkaP931SPsU8yUcThnrlcN3w76amekfelZ0q8imBgj-8sXauqLU4aAZVzO_bIpGTyv0o2AFMLkbyNWBLUaW_SNsDQejtzi8JsvooPnweGCf9TQ49cFkniLV7xarfOjKA4209cBmm3NnETX14iiWU1oH1-sem5G5NSWs-HfBps719iw5wEPk3i4v6xO7mQrCeKd6YoedhFZUx7Hj2VUOtMc7YkBylumYBZi-vO1pnZowXtukOyArOHWjDd9-9UaQFwp1JozionSHmI6Y_666TEV7rmzzsglQTB0auTdNo50HVdrKJkxU4Emhj98kZStpl4rqtFBy4Y8AT_ou2XtpaJ397vvj69Y4te3Cnr8tiyfv8DXtZNepMQInTgNIVZHzrk18xsPKUPDvS_Ej48pgQOqycPbiruRZCwr0cNT8X6v9z2vDvncowiYfykAKEkyS5I7ibHJU731PCdVL9wGBh17ku-Xiapo11rvl_I25enCPYAHnXeEwQ8rFMzIrn7X-G9Gdpa1sw6VuYz73RS5v8WUvHbaGs4_Nmq2F5dY0bv2VHTwRMxim5VGZgk7KC4aO8p-8c99_bDUxrBFnSDzGpxC3qd-bpZR9MVAbeWz8E9fXskNRYdPmIR8_vVKIjz1vijYna2jE0kTg9lcS3xHJvuqU6ttrqD1z90BAAiZuyg07IejvO3c5JtWU7cBaQ7noX62nUKLYKc00ozRE6wK6fNluG0A3LJWwJggzNctfmkNQp7_AJmIxUrAsj7sjxyiGJXYa0FmiwpQE7TzSz3iGQsn7vV1RxnHB-ZDAs9msvW0B_oeVuVgwEKuucesRB2iEVpvVrrPiJViQq6R6hnwpHKVjChHl6IaS-gRH-limh6Fq02vBrkWagt8BC8x5sZzeEftbuk-JrOdiVpXN2LDmA6Eno57ETGLjOLRSuKFjlameJrzLss7CzQxJeRSaCnHl_qaoecePDxOzic_ojBHIMYOzNFWWSdF6wNQWQwQTGxsZiyWw8vzGK2g0trbrSOONuyEQ8wGUXMp8ZIcLzukwLmk0niaLJB1pN_jeuqJmMia8gOZFP3oHqPWx73rFJriuEuEbnn3bgdbs91cWKqAWGtH9pzpkNQwS4YvqWGSTrQqQ6-IBZRWvmdZjfbgE1nCZ6URCeABktv_nLSlnAFD9JwOoiAEnKPwBgReGE9yacGok9NRvDVPlVFmhtxrvtuh96uAClA2s55k7qVHabzTTn9kqfQBaZCamTXfdEunkzS4VcFLRDb6AcZcwmEzVxf5k6O0zAHechn13LLpbNdK2Xh3X7GMqHAi4ja0-2i3_VdkyxSAGl3uE9fqlYnvhW7NMPfYBApCqPotJDyKS2MZNLQw3hPFWW9kfQWArFkCNd8xigILZAA-Vp46MzlERBPV_9ufMWogyMHtzhB833sP9Ej2cKnOupK26_HwUkNOUcqbVpjQsVn8bhYPfKdnbnCMvQ_cVYFbc-9gnoLo0hKKQ9ob9_at6qTjf41GevCZeIhBtJG-Ztzj31GgooTeZSYGhEl2uy18Olmr6bxf5Vlp6N2FFCZujL1ZvAtd_gE0dojl6Jw4X5y8Mx4pjCMQ57xBKUmJvxg5XWiqG5RxYkqEMnRSAqESJvGbeRljzxZumoxdrH5HNPKjKQaWaXu0COq9GT4jbxjBky2x4J-5c_lhzDQULzVV-3kFqpt_QIYf45C0saAi12JDw738i_zNRnjPWl-CJedhaCPiFR004wXQfTE9pG4Te5TCyqtjaIB3d25i3JGWoOrmfRHzMyTAmx3KUK5EdIKnR7q_iSlC1wMgPWphTNHWAk1QLgBqNTPp0QljVTKewxmlt5Y3mZ6NHxzXrd9v76PeALqLymPTNaaljD7tWrBJVj_pLC3PSeGB7nD-zHdpBNrKv3nwnksZLR41y6OHee-Old7SLHMOrSsX-xyfz-XPKIStHaGtOGyoZo5RG0vpW_MW4nN9eCNqBCv_keRjLZaFYEPxpmkbged7gb6SvZNu4lCCuzIHz41wdFy17wZNyRBYhFUpvJZqkST0QDYTytPzloMOeb6aDZEJKbM1Uue8b23cJFzdcWn3XYSqWSnwnP7olSzddR0COpi3D8pyn4pseHh2g3yG55zfAMcvROEAwLoVBZ59rDRNXYta4Aw10TOmoFXe0pJ25xTCf06-Zj0msbd_5Kim84DETUqBifkH3AuDDfvZI0oErjZR22g2P_MIFDAxJ8IUdLt4s1fDGR_lyqk6ccR8A4VbYyoPblDkX_RnU7pGPQXm6ozxulrA7Ref-1Tq2nZ9pCsHpEYqMLwHy9zT2piW-ZXnMxeXeLYpGMtlmHOemZtbye6sbBPdykXMC0jC6fpEyw5GRKC9RbCGvTapecDNWHF8HN0ctVZFWTSINfY568uLXd1hFj72p6ZjY2j6YCEJPDaNl7tqFLjE4d8MMKckx3QAYaPlCmq-IvLynCwZDDxctmaAfVd7j2t-09WbGa4484BwD3j5KpCEVP3sbRlNSMPgepA5riMEcOISsugkmpgNrYlxUi6FpQTTwWRvWt0aqim100bXltb0GS3M4tDDa5qCLK51aTRjjOikpubvBmqKqW-aZPtWiUiVP4&cid=CAQSPABygQiDtzx6eqUI_q6YKGNR8ycJDd_vwhyicU6wLJ9KNhmBHRuRiW7ywMepllvQpsB_vqL0uHnQdWQ34hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fvip-iugu.com%2F&ds=l&xdt=1&iif=1&cor=8951421992493104000&adk=1898548631&idt=186&cac=0&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 22:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
48943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 22:03:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame 6CB0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvMstOKpH75PdSR-ZhkQ7OKudqDqinq3GNBd9Q-4wKIXFFs7CRXLX2zR7WcraPcspvKCmo8d_IpoH0wAdD3D45adyjzg&cry=1&dbm_d=AKAmf-AlJW-hGMAuSZVq8ZhP3xBn3R-ds4sX-mhEgsl7d_BwbwbRv6YP8teYqNy5wPFiXEncjIP3kr7tX3HWb0l2AJGAgU2DKqz_wGfDoLJbnDp8QM9YVqQyK_Dzluj2Iy_J2ZaORNORNhDf3bgYoDK6SVGITpo1Q6iAXjVpXWYsF18mYiqLiK2JpzDsh2ye5bTLOk0v9H910qOLQgmmhn-D3M39Vr8fci1DNv4LJ-gdAndWz4eSLtWeZGI49mFiP4fl3E2r8vHZQbU4_9PYMVpqaCkTbmLhKbvwxXwY9x96K9quMtpikitRikJqrmcaKPvxTE0w9sa0S-jKqf3LOmPrWbtllWgxI12OStcNNpOLeklMxFzDVoeIe_qvMALVwdB9rygi3mqsnytcxNxWHybWzctt6_wwcMfkrRBwo9ecja5xwIPWMiOMowgNZRyT9r7hO1L7aFnmlKoTFe3C7l0hBuflwwIOBLC_eX3Q1L2x5TLqYv-ujmqnbORttTy6PSkbaRCJ0yQclLnvCjHEonhgit_okGXPpfEhzhnkqnNgt-Ix0v2OisEdI_Uln9EZpwnDFNKYhUM29u2_1O7xacAnSFpIcKsTnHcbhIzfznRmB0ZeEIzdjk_i03Nk69EvPJgAWwFEe0wrXPWpPfC27kjLhkaP931SPsU8yUcThnrlcN3w76amekfelZ0q8imBgj-8sXauqLU4aAZVzO_bIpGTyv0o2AFMLkbyNWBLUaW_SNsDQejtzi8JsvooPnweGCf9TQ49cFkniLV7xarfOjKA4209cBmm3NnETX14iiWU1oH1-sem5G5NSWs-HfBps719iw5wEPk3i4v6xO7mQrCeKd6YoedhFZUx7Hj2VUOtMc7YkBylumYBZi-vO1pnZowXtukOyArOHWjDd9-9UaQFwp1JozionSHmI6Y_666TEV7rmzzsglQTB0auTdNo50HVdrKJkxU4Emhj98kZStpl4rqtFBy4Y8AT_ou2XtpaJ397vvj69Y4te3Cnr8tiyfv8DXtZNepMQInTgNIVZHzrk18xsPKUPDvS_Ej48pgQOqycPbiruRZCwr0cNT8X6v9z2vDvncowiYfykAKEkyS5I7ibHJU731PCdVL9wGBh17ku-Xiapo11rvl_I25enCPYAHnXeEwQ8rFMzIrn7X-G9Gdpa1sw6VuYz73RS5v8WUvHbaGs4_Nmq2F5dY0bv2VHTwRMxim5VGZgk7KC4aO8p-8c99_bDUxrBFnSDzGpxC3qd-bpZR9MVAbeWz8E9fXskNRYdPmIR8_vVKIjz1vijYna2jE0kTg9lcS3xHJvuqU6ttrqD1z90BAAiZuyg07IejvO3c5JtWU7cBaQ7noX62nUKLYKc00ozRE6wK6fNluG0A3LJWwJggzNctfmkNQp7_AJmIxUrAsj7sjxyiGJXYa0FmiwpQE7TzSz3iGQsn7vV1RxnHB-ZDAs9msvW0B_oeVuVgwEKuucesRB2iEVpvVrrPiJViQq6R6hnwpHKVjChHl6IaS-gRH-limh6Fq02vBrkWagt8BC8x5sZzeEftbuk-JrOdiVpXN2LDmA6Eno57ETGLjOLRSuKFjlameJrzLss7CzQxJeRSaCnHl_qaoecePDxOzic_ojBHIMYOzNFWWSdF6wNQWQwQTGxsZiyWw8vzGK2g0trbrSOONuyEQ8wGUXMp8ZIcLzukwLmk0niaLJB1pN_jeuqJmMia8gOZFP3oHqPWx73rFJriuEuEbnn3bgdbs91cWKqAWGtH9pzpkNQwS4YvqWGSTrQqQ6-IBZRWvmdZjfbgE1nCZ6URCeABktv_nLSlnAFD9JwOoiAEnKPwBgReGE9yacGok9NRvDVPlVFmhtxrvtuh96uAClA2s55k7qVHabzTTn9kqfQBaZCamTXfdEunkzS4VcFLRDb6AcZcwmEzVxf5k6O0zAHechn13LLpbNdK2Xh3X7GMqHAi4ja0-2i3_VdkyxSAGl3uE9fqlYnvhW7NMPfYBApCqPotJDyKS2MZNLQw3hPFWW9kfQWArFkCNd8xigILZAA-Vp46MzlERBPV_9ufMWogyMHtzhB833sP9Ej2cKnOupK26_HwUkNOUcqbVpjQsVn8bhYPfKdnbnCMvQ_cVYFbc-9gnoLo0hKKQ9ob9_at6qTjf41GevCZeIhBtJG-Ztzj31GgooTeZSYGhEl2uy18Olmr6bxf5Vlp6N2FFCZujL1ZvAtd_gE0dojl6Jw4X5y8Mx4pjCMQ57xBKUmJvxg5XWiqG5RxYkqEMnRSAqESJvGbeRljzxZumoxdrH5HNPKjKQaWaXu0COq9GT4jbxjBky2x4J-5c_lhzDQULzVV-3kFqpt_QIYf45C0saAi12JDw738i_zNRnjPWl-CJedhaCPiFR004wXQfTE9pG4Te5TCyqtjaIB3d25i3JGWoOrmfRHzMyTAmx3KUK5EdIKnR7q_iSlC1wMgPWphTNHWAk1QLgBqNTPp0QljVTKewxmlt5Y3mZ6NHxzXrd9v76PeALqLymPTNaaljD7tWrBJVj_pLC3PSeGB7nD-zHdpBNrKv3nwnksZLR41y6OHee-Old7SLHMOrSsX-xyfz-XPKIStHaGtOGyoZo5RG0vpW_MW4nN9eCNqBCv_keRjLZaFYEPxpmkbged7gb6SvZNu4lCCuzIHz41wdFy17wZNyRBYhFUpvJZqkST0QDYTytPzloMOeb6aDZEJKbM1Uue8b23cJFzdcWn3XYSqWSnwnP7olSzddR0COpi3D8pyn4pseHh2g3yG55zfAMcvROEAwLoVBZ59rDRNXYta4Aw10TOmoFXe0pJ25xTCf06-Zj0msbd_5Kim84DETUqBifkH3AuDDfvZI0oErjZR22g2P_MIFDAxJ8IUdLt4s1fDGR_lyqk6ccR8A4VbYyoPblDkX_RnU7pGPQXm6ozxulrA7Ref-1Tq2nZ9pCsHpEYqMLwHy9zT2piW-ZXnMxeXeLYpGMtlmHOemZtbye6sbBPdykXMC0jC6fpEyw5GRKC9RbCGvTapecDNWHF8HN0ctVZFWTSINfY568uLXd1hFj72p6ZjY2j6YCEJPDaNl7tqFLjE4d8MMKckx3QAYaPlCmq-IvLynCwZDDxctmaAfVd7j2t-09WbGa4484BwD3j5KpCEVP3sbRlNSMPgepA5riMEcOISsugkmpgNrYlxUi6FpQTTwWRvWt0aqim100bXltb0GS3M4tDDa5qCLK51aTRjjOikpubvBmqKqW-aZPtWiUiVP4&cid=CAQSPABygQiDtzx6eqUI_q6YKGNR8ycJDd_vwhyicU6wLJ9KNhmBHRuRiW7ywMepllvQpsB_vqL0uHnQdWQ34hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fvip-iugu.com%2F&ds=l&xdt=1&iif=1&cor=8951421992493104000&adk=1898548631&idt=186&cac=0&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 21:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
49564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 21:53:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6CB0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvMstOKpH75PdSR-ZhkQ7OKudqDqinq3GNBd9Q-4wKIXFFs7CRXLX2zR7WcraPcspvKCmo8d_IpoH0wAdD3D45adyjzg&cry=1&dbm_d=AKAmf-AlJW-hGMAuSZVq8ZhP3xBn3R-ds4sX-mhEgsl7d_BwbwbRv6YP8teYqNy5wPFiXEncjIP3kr7tX3HWb0l2AJGAgU2DKqz_wGfDoLJbnDp8QM9YVqQyK_Dzluj2Iy_J2ZaORNORNhDf3bgYoDK6SVGITpo1Q6iAXjVpXWYsF18mYiqLiK2JpzDsh2ye5bTLOk0v9H910qOLQgmmhn-D3M39Vr8fci1DNv4LJ-gdAndWz4eSLtWeZGI49mFiP4fl3E2r8vHZQbU4_9PYMVpqaCkTbmLhKbvwxXwY9x96K9quMtpikitRikJqrmcaKPvxTE0w9sa0S-jKqf3LOmPrWbtllWgxI12OStcNNpOLeklMxFzDVoeIe_qvMALVwdB9rygi3mqsnytcxNxWHybWzctt6_wwcMfkrRBwo9ecja5xwIPWMiOMowgNZRyT9r7hO1L7aFnmlKoTFe3C7l0hBuflwwIOBLC_eX3Q1L2x5TLqYv-ujmqnbORttTy6PSkbaRCJ0yQclLnvCjHEonhgit_okGXPpfEhzhnkqnNgt-Ix0v2OisEdI_Uln9EZpwnDFNKYhUM29u2_1O7xacAnSFpIcKsTnHcbhIzfznRmB0ZeEIzdjk_i03Nk69EvPJgAWwFEe0wrXPWpPfC27kjLhkaP931SPsU8yUcThnrlcN3w76amekfelZ0q8imBgj-8sXauqLU4aAZVzO_bIpGTyv0o2AFMLkbyNWBLUaW_SNsDQejtzi8JsvooPnweGCf9TQ49cFkniLV7xarfOjKA4209cBmm3NnETX14iiWU1oH1-sem5G5NSWs-HfBps719iw5wEPk3i4v6xO7mQrCeKd6YoedhFZUx7Hj2VUOtMc7YkBylumYBZi-vO1pnZowXtukOyArOHWjDd9-9UaQFwp1JozionSHmI6Y_666TEV7rmzzsglQTB0auTdNo50HVdrKJkxU4Emhj98kZStpl4rqtFBy4Y8AT_ou2XtpaJ397vvj69Y4te3Cnr8tiyfv8DXtZNepMQInTgNIVZHzrk18xsPKUPDvS_Ej48pgQOqycPbiruRZCwr0cNT8X6v9z2vDvncowiYfykAKEkyS5I7ibHJU731PCdVL9wGBh17ku-Xiapo11rvl_I25enCPYAHnXeEwQ8rFMzIrn7X-G9Gdpa1sw6VuYz73RS5v8WUvHbaGs4_Nmq2F5dY0bv2VHTwRMxim5VGZgk7KC4aO8p-8c99_bDUxrBFnSDzGpxC3qd-bpZR9MVAbeWz8E9fXskNRYdPmIR8_vVKIjz1vijYna2jE0kTg9lcS3xHJvuqU6ttrqD1z90BAAiZuyg07IejvO3c5JtWU7cBaQ7noX62nUKLYKc00ozRE6wK6fNluG0A3LJWwJggzNctfmkNQp7_AJmIxUrAsj7sjxyiGJXYa0FmiwpQE7TzSz3iGQsn7vV1RxnHB-ZDAs9msvW0B_oeVuVgwEKuucesRB2iEVpvVrrPiJViQq6R6hnwpHKVjChHl6IaS-gRH-limh6Fq02vBrkWagt8BC8x5sZzeEftbuk-JrOdiVpXN2LDmA6Eno57ETGLjOLRSuKFjlameJrzLss7CzQxJeRSaCnHl_qaoecePDxOzic_ojBHIMYOzNFWWSdF6wNQWQwQTGxsZiyWw8vzGK2g0trbrSOONuyEQ8wGUXMp8ZIcLzukwLmk0niaLJB1pN_jeuqJmMia8gOZFP3oHqPWx73rFJriuEuEbnn3bgdbs91cWKqAWGtH9pzpkNQwS4YvqWGSTrQqQ6-IBZRWvmdZjfbgE1nCZ6URCeABktv_nLSlnAFD9JwOoiAEnKPwBgReGE9yacGok9NRvDVPlVFmhtxrvtuh96uAClA2s55k7qVHabzTTn9kqfQBaZCamTXfdEunkzS4VcFLRDb6AcZcwmEzVxf5k6O0zAHechn13LLpbNdK2Xh3X7GMqHAi4ja0-2i3_VdkyxSAGl3uE9fqlYnvhW7NMPfYBApCqPotJDyKS2MZNLQw3hPFWW9kfQWArFkCNd8xigILZAA-Vp46MzlERBPV_9ufMWogyMHtzhB833sP9Ej2cKnOupK26_HwUkNOUcqbVpjQsVn8bhYPfKdnbnCMvQ_cVYFbc-9gnoLo0hKKQ9ob9_at6qTjf41GevCZeIhBtJG-Ztzj31GgooTeZSYGhEl2uy18Olmr6bxf5Vlp6N2FFCZujL1ZvAtd_gE0dojl6Jw4X5y8Mx4pjCMQ57xBKUmJvxg5XWiqG5RxYkqEMnRSAqESJvGbeRljzxZumoxdrH5HNPKjKQaWaXu0COq9GT4jbxjBky2x4J-5c_lhzDQULzVV-3kFqpt_QIYf45C0saAi12JDw738i_zNRnjPWl-CJedhaCPiFR004wXQfTE9pG4Te5TCyqtjaIB3d25i3JGWoOrmfRHzMyTAmx3KUK5EdIKnR7q_iSlC1wMgPWphTNHWAk1QLgBqNTPp0QljVTKewxmlt5Y3mZ6NHxzXrd9v76PeALqLymPTNaaljD7tWrBJVj_pLC3PSeGB7nD-zHdpBNrKv3nwnksZLR41y6OHee-Old7SLHMOrSsX-xyfz-XPKIStHaGtOGyoZo5RG0vpW_MW4nN9eCNqBCv_keRjLZaFYEPxpmkbged7gb6SvZNu4lCCuzIHz41wdFy17wZNyRBYhFUpvJZqkST0QDYTytPzloMOeb6aDZEJKbM1Uue8b23cJFzdcWn3XYSqWSnwnP7olSzddR0COpi3D8pyn4pseHh2g3yG55zfAMcvROEAwLoVBZ59rDRNXYta4Aw10TOmoFXe0pJ25xTCf06-Zj0msbd_5Kim84DETUqBifkH3AuDDfvZI0oErjZR22g2P_MIFDAxJ8IUdLt4s1fDGR_lyqk6ccR8A4VbYyoPblDkX_RnU7pGPQXm6ozxulrA7Ref-1Tq2nZ9pCsHpEYqMLwHy9zT2piW-ZXnMxeXeLYpGMtlmHOemZtbye6sbBPdykXMC0jC6fpEyw5GRKC9RbCGvTapecDNWHF8HN0ctVZFWTSINfY568uLXd1hFj72p6ZjY2j6YCEJPDaNl7tqFLjE4d8MMKckx3QAYaPlCmq-IvLynCwZDDxctmaAfVd7j2t-09WbGa4484BwD3j5KpCEVP3sbRlNSMPgepA5riMEcOISsugkmpgNrYlxUi6FpQTTwWRvWt0aqim100bXltb0GS3M4tDDa5qCLK51aTRjjOikpubvBmqKqW-aZPtWiUiVP4&cid=CAQSPABygQiDtzx6eqUI_q6YKGNR8ycJDd_vwhyicU6wLJ9KNhmBHRuRiW7ywMepllvQpsB_vqL0uHnQdWQ34hgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fvip-iugu.com%2F&ds=l&xdt=1&iif=1&cor=8951421992493104000&adk=1898548631&idt=186&cac=0&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 07:39:33 GMT
4198152013927276683
s0.2mdn.net/simgad/ Frame 6CB0 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4198152013927276683
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f03f0b2789982a4fba8c4ad8cbf9a26f90bb543010b2c59f84ee4f1cb7506f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 07:35:41 GMT
x-content-type-options
nosniff
age
101005
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87486
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 21:21:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 May 2024 07:35:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1BBA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
3930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 10:33:36 GMT
etag
48472445140208031
expires
Thu, 25 May 2023 10:33:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 20AE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
55155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 20:19:51 GMT
expires
Wed, 22 May 2024 20:19:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 1BBA 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENWuDzmtct86s-A0u_IFWjc&google_cver=1&google_push=ATf1kGOslkCn97upgmLhRFC308QAr3ePticwu8WgF7KdgeEBi9xspg5x9J1oOUe44TsliJVTHEeMNAH92cGUTTYvhrqve5JRxGo
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 1BBA
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIs8pEYwv2HZXOoCKTekkUI&google_cver=1&google_push=ATf1kGOQjkIFZ5KWQBPjE9jb_pABVs2DGqpZPmuTX70-OVS8DUeGZX9x01nKlPo91LQe7JNLC7N7sNXRkyHa3AHe...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o-fSjVUaTWm9N57hKRaJkw2&google_push=ATf1kGOQjkIFZ5KWQBPjE9jb_pABVs2DGqpZPmuTX70-OVS8DUeGZX9x01nKlPo91LQe7JNLC7N7sNXRkyHa3AHee12_hgRm-cRR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o-fSjVUaTWm9N57hKRaJkw2&google_push=ATf1kGOQjkIFZ5KWQBPjE9jb_pABVs2DGqpZPmuTX70-OVS8DUeGZX9x01nKlPo91LQe7JNLC7N7sNXRkyHa3AHee12_hgRm-cRR
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 24 May 2023 11:39:06 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o-fSjVUaTWm9N57hKRaJkw2&google_push=ATf1kGOQjkIFZ5KWQBPjE9jb_pABVs2DGqpZPmuTX70-OVS8DUeGZX9x01nKlPo91LQe7JNLC7N7sNXRkyHa3AHee12_hgRm-cRR
x-host
tde-deliveryengine-production-575784b66-qgv2w
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1BBA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOzcOJstxqPnsQPaAAsYbsY&google_cver=1&google_push=ATf1kGMgceA3Xzx9t60tM8-JIJD20Ho3HI7fsyLrsx65qKU_JNVn-z5q_ytSfNEquyMXek_SjJZzNQ6q...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGMgceA3Xzx9t60tM8-JIJD20Ho3HI7fsyLrsx65qKU_JNVn-z5q_ytSfNEquyMXek_SjJZzNQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGMgceA3Xzx9t60tM8-JIJD20Ho3HI7fsyLrsx65qKU_JNVn-z5q_ytSfNEquyMXek_SjJZzNQ6qcqM0nEXjP8hZwD2ZU-vO
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGMgceA3Xzx9t60tM8-JIJD20Ho3HI7fsyLrsx65qKU_JNVn-z5q_ytSfNEquyMXek_SjJZzNQ6qcqM0nEXjP8hZwD2ZU-vO
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1BBA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOzcOJstxqPnsQPaAAsYbsY&google_cver=1&google_push=ATf1kGP7SXIwaybAQLlALLufWpnRTvXQHV-24I2cTRPIhT8L37e3XhwwY4SEeV_3rdIXsW9QFQ_ygc6G...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGP7SXIwaybAQLlALLufWpnRTvXQHV-24I2cTRPIhT8L37e3XhwwY4SEeV_3rdIXsW9QFQ_ygc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGP7SXIwaybAQLlALLufWpnRTvXQHV-24I2cTRPIhT8L37e3XhwwY4SEeV_3rdIXsW9QFQ_ygc6GTflKWE-OI1C6EakTo2dX
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1NDEzOTY0NzM4NzY3MTU5OQ&google_push=ATf1kGP7SXIwaybAQLlALLufWpnRTvXQHV-24I2cTRPIhT8L37e3XhwwY4SEeV_3rdIXsW9QFQ_ygc6GTflKWE-OI1C6EakTo2dX
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1BBA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.targeting.unrulymedia.com/csync/RX-41237731-dd67-4c5e-b42f-b728337a3392-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGPm1opZ5RyfP84YSh1vR...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPm1opZ5RyfP84YSh1vRjOPSv3VrMN8QL2YMlQKgyyxYM7UFqpDUhSUIel5TeyvKmfAB2Maf1ERVXQz67MNLn2wGtp-bqe3&google_hm=A0EjdzHdZ0xetC-3KDN6M5I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPm1opZ5RyfP84YSh1vRjOPSv3VrMN8QL2YMlQKgyyxYM7UFqpDUhSUIel5TeyvKmfAB2Maf1ERVXQz67MNLn2wGtp-bqe3&google_hm=A0EjdzHdZ0xetC-3KDN6M5I
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGPm1opZ5RyfP84YSh1vRjOPSv3VrMN8QL2YMlQKgyyxYM7UFqpDUhSUIel5TeyvKmfAB2Maf1ERVXQz67MNLn2wGtp-bqe3&google_hm=A0EjdzHdZ0xetC-3KDN6M5I
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX41237731dd674c5eb42fb728337a3392003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1BBA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDq2jxwPnq6klZN3t5Q7ljQ&google_cver=1&google_push=ATf1kGNbo5IzA3DfV...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D&google_gid=CAESEDq2jxwPnq6klZN3t5Q7ljQ&google_cver=1&google_push=ATf1kGNbo5IzA3DfVpCk_hGrGH7cEQUjoq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D&google_gid=CAESEDq2jxwPnq6klZN3t5Q7ljQ&google_cver=1&google_push=ATf1kGNbo5IzA3DfVpCk_hGrGH7cEQUjoqwL3n0R-TMKknILeb6n-4rkgeoi7Hp1VUY61mdk2jVEWy3pUq5gqinZfTZVhMMVlAd_
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 24 May 2023 11:39:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ec71c50b-3ee7-49f0-8ac6-454b9911c153
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg1NjA0MDU1NjY1NjY1MDUwMQ%3D%3D&google_gid=CAESEDq2jxwPnq6klZN3t5Q7ljQ&google_cver=1&google_push=ATf1kGNbo5IzA3DfVpCk_hGrGH7cEQUjoqwL3n0R-TMKknILeb6n-4rkgeoi7Hp1VUY61mdk2jVEWy3pUq5gqinZfTZVhMMVlAd_
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1BBA
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEj2nBYW-...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=59d8d7a1-b30d-4117-b1d3-268fc6501b02&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=59d8d7a1-b30d-4117-b1d3-268fc6501b02&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=59d8d7a1-b30d-4117-b1d3-268fc6501b02&%%GOOGLE_PUSH_PAIR%%
date
Wed, 24 May 2023 11:39:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1BBA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVMDLevNqS99OaVzmh38wi8u0dp836n9ADU_Udhn2WuxgILqp5EviAuhuUXAtr04ESHfBxvBE
Requested by
Host: da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
URL: https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame 20AE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
63944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 17:53:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcBAZWvdtZJeXCZK49u8PmJ-cyA0AAAAAOAHgBAI&bg=!paalpvLNAAZ8_aWmXP07ADkAdvg8WinysUs7WYC-oQ0ukldTL85DHO3UwDDg4G6y2OeNM3FKNxtIfZ-no9Eldqn73wJNQB1KrhYCAAAAaFIAAAADaAEHmQM0xdcsd6lUxeTnfE0R-GTCKNfgj6p47I-5HVHhp8kD36aviiGLt_mG-4VNey__ZQ6B9CJJRgOK2ik2uSu_iy_45xI0-oEPvsQ_FRrzGO_vP69Dki7AESTn4D9_wdjdKG-wb4tCyvXYfMVPmCb7tlUL6kXBHEm6gS6tCKWdiPEoHyy8c6IAKNPY9ciKAbGOlgZJC-isBn6neLZMdXHUdXL1S4lLD5n6JNuHgWeJ8eRqS85QSgBJ2e3CT1XUQPo1tzg3sDl1LKvvJODAh39tHjI5cwr5BCwLmR1ag1cwe0V_kNsZlDbWFveQ4_KdNrgQD5V98pavM9Io7bKJnOggTb3UIfXPD08eUOfrjW2vktz4O5IVV9LFkIkMmCASnTtWyOWkzXtjvj4hOK0Syfnqiw9U0fTvi1H3h8TwFofVRwzDMbB2L5Xf4gXS7u9mO6vKRPi41g8Q4dejDCjbQRvihm_NiTURrllGlU7m7lx_Gcg5Pn-xseFS_Va627IEAuEa0GDUMzNAnk4mR1tLDLpXd_a4KyCOyhiJ9ir4LnXK-qFtnUkEnC7j7zbACLrGbVgRFwNXkU-753RMPcVWxlYXfxk8p0-uN2Dryq3c94Lq6D7PjCXilPOBt0w_4TZJNhgJZKxhph1XereNyjrCjC9_n_1VEZklDjYyfDYV7ZZCx1C9r2c1Bh303-qMjp6vGTW4biG9EnTw7ndQbsnzQopbjUnWBACJhxq3XU_d5xlKVIVSUdatcEUOdieeIN8fb-RMw-AA-6Eue3DQHOxEhxaCidMbp08-ZG_eahpzhanrzKihcaXYRQ3Kp0JbzYgD9QNrlDc8wEXPrnXK0-ULD0mLRdUsGcn_9ymKo0bFdOkgYZFlHl-Mw1GgksTUK9513vvJ2idOZHZzEXdzBC8moxE4ZlYQzJABv5h5OgrO328xCZWKHSRS9BL1pnLEMV68t2Bcp9GxaxhuqsYrcB3NYbq_ukhJaoXT5qskVI6S_wOMWjpDn4wJhmtGvLGL_-p0Y_819jh-YsCx0Yn3primdpu3Yfu5dR06RSUsKvt8P-iSBJF9_ZGu_rKHrfy7hQoLiD_L5ssFziGKow
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305160101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2de02cdabb4c0f778f031b6f34bc8f457db9a6040e62b2e5447b9a886fa6ac54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11145
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: vip-iugu.com
URL: https://vip-iugu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 06:10:32 GMT
content-encoding
gzip
age
19715
x-guploader-uploadid
ADPycdtHbm66EVPXQnu6kTQYl7sAj1zetzsfI-yGqDH8Nssw3XNKzk39j3t_kN8OOMdbXbmB2aQyQXBSJLMWCC56lSelk7k3-SPN
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"1f6a2c178b385e908b632664e93aed26"
x-goog-hash
crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation
1663611635525811
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
expires
Thu, 25 May 2023 06:10:32 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 19:33:22 GMT
content-encoding
gzip
age
57945
x-guploader-uploadid
ADPycdu_w6x9Wk2JRjYxCsE_OAL1eKgUHba8Wajv-py3gFR1Ps_sRW_cUFU31lU-hsVnh5Cp0puexw8vXMtrjY8b9KN8Jtd72mqp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash
crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation
1663611635449519
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
expires
Wed, 24 May 2023 19:33:22 GMT
trk
tt-10969-0.seg.t.tailtarget.com/ 		70 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-10969-0.seg.t.tailtarget.com/trk?tA=TT-10969-0&tJ=_channel:bratargettecinformaticaapple:1|_channel:bratargetdiversidade:1|_channel:fdr:1&tK=1684928347&tM=direct&tL=direct&tN=direct&tY=3&tZ=366959438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
u
b.t.tailtarget.com/ 		72 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
a66d3c94dc0b031d93ac626c749b4c946214b2f0f5dffd7776546b4cff8bab5f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 May 2023 11:39:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FA4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
6045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 09:58:22 GMT
expires
Thu, 23 May 2024 09:58:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 68C8 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a6c6c23d04d3d5743b2be73611c7cd200d0f5e01241085a9b70e5e3b1e9ca4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CJvAyGCKzqjnzC_HTVOURA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-CJvAyGCKzqjnzC_HTVOURA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:39:07 GMT
expires
Wed, 24 May 2023 11:39:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
pagead2.googlesyndication.com/bg/ Frame 2FA4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s8ditO9N4rSA5jD8b4OXvNFpy85WvJIvPV3ceacow88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 17:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
63945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14579
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 May 2024 17:53:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 68C8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305160101&jk=3887249608877984&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2FA4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?n241Cw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CB0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5935472346484&version=m202301230201&ct=76&x=1&cor=8951421992493104000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
b.t.tailtarget.com/ 		146 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10969-0&tY=1&tS=2&tU=0100007F5BF76D64D006AE35025E571E&tX=b.52&tZ=93826981&env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
6e3575a56a84c50adf39779fe666c6a8f72aeac1d16fe2807206cc9440712c10

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ca
tt-10969-0.seg.t.tailtarget.com/ 		99 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10969-0.seg.t.tailtarget.com/ca?tZ=89945796&env=_ttqtt_terra
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
16424c33239cd6211f1b2b9cf7b0ad98b278e98bf05ab7d2c333fadb38dc0223

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10969-0&tE=0&tF=&tI=_paris_ile-de-france_fr_1684928347571_1558107152&tJ=CA6935,CA4723,CA4729&tQ=bratargettecinformaticaapple,bratargetdiversidade,fdr&tU=0100007F5BF76D64D006AE35025E571E&tX=b.52&tY=1&tZ=198622927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305160101&jk=3887249608877984&bg=!ICOlI3fNAAZ8_aWmXP07ADkAdvg8Wqg8_nzdPZzpMTdr4FMdqnjHuWdNo8XMd_e-oDOvMLFM8T9qQd_AC4UzP4-6sDevYPDh0ewCAAAAdlIAAAADaAEHmQKayl4bHkXaearPxik8z2JsibaUSVZSGoD1nzuPLWnUjpz48f4DkdvfXaPrDWbOVtuLQFBWlcVuBAjUYfp7_OdiiKuBeo03ChkSaMhLRGe6t8X3G4owXsUIL9OWvseVBhy9t_OTFTvO2_MX3vcWF0tVS0-h6jy7q74fHtVwlbIFzQzlCUgL-R_KUa3E1h3clGTfS_RmUbDklnDe9q4aYPlAdCKr8mJjKmAYm1oS-PrzusfV2ByXpjJV5fiRv2JUYCD-6ZGX_Kt_fWRMihsrW43oJ5OIuM8iqC7KMEMN2364NcX7ijuqPciMmVNJJ7wl5c8QFnmMezvg3r0Q-8YfCOle54Tm3wG-xMsw62WATtw2TdI-A-Qi4yXJsaHYcYYXTl41RdksydQTLe7HcIaVGiKQtPIr1uj17nigeq8QAP95SWz1IujpGXBLrXV0n4CovXUp-T5rqp7fq90tk-f5KhiL79xhd1dO8FdcpVrZ-ZZZy_L-2ZA2H6qN1PuLOOozxenlPwK9tJTJKyX48E6mGsuyUP4gtQu5L_90cwymFh48FK-FQtDv00EECc2SOH5ZoaD9GPoamXVnSMF33L87OS-DlZTSXxscb5BHSTaPr-Dn86N2HIdg90So2ZUG3ELTf6cZeMz6PCyIBkYb-S6mvThy55eILP12iOYYxd4zXwoCWw6d_tUL4mXvifjjcRQPucCYdS7fN3jfvAaDn-8uEWUJeuMhHeACka7qIbgywFQc1WHnawe9R6IRNdle0aK0yM0R-Vp5ywQUQHJjt7va5TxV3dazbXtSrcnpFYUXSAVrmFxxyDLOMR05PZH8UHjMIFnlsjMnnoibiitcv2ApSRXMxcJ25L6ubJooj_23Specoor_OaAuXJwRi29R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffdr.com.br%2F&domain=vip-iugu.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://vip-iugu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 24 May 2023 11:39:07 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
302884
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffdr.com.br%2F&domain=vip-iugu.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vip-iugu.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
227455
expires
0
checksync.php
contextual.media.net/ Frame 42C0 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3442721e23074f3bc60761bf6e20ce8f2b362b147526863aa0beb68add084c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8368
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:08 GMT
expires
Fri, 26 May 2023 11:39:08 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 907E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 May 2023 11:39:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1FE9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:08 GMT
ETag
"623de86a-cf34"
Expires
Thu, 25 May 2023 11:39:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 67D8 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0e2ad06743bab68c11b9b1dfbde822baf4c07adfaf3c94641399cf8bb8d0ddbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12034
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:39:08 GMT
expires
Fri, 26 May 2023 11:39:08 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame D705 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.gridmidia.com
URL: https://ads.gridmidia.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://vip-iugu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 24 May 2023 11:39:08 GMT
ETag
"623de86a-cf34"
Expires
Thu, 25 May 2023 11:39:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:07 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=213484b6-5433-458f-ac1e-d932d269ee7f&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
649179
content-length
0
expires
Wed, 24 May 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:07 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENJKVXguq0Z7QcmTBGemRxs&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MjQzMDcxMDEyMTQyMDgyMzQzNQ==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:07 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
date
Wed, 24 May 2023 11:39:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.185.151.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-151-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:08 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2430710121420823435&gdpr=0&gdpr_consent=
pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usync.js
eus.rubiconproject.com/ Frame 907E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8eaf9c2f092d7e9365f8831602f55078069433c673bc3a4d0c7281702101f063

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 21:16:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34637
Connection
keep-alive
Content-Length
10085
Expires
Wed, 24 May 2023 21:16:25 GMT
async_usersync
ib.adnxs.com/ Frame 1FE9 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:08 GMT
AN-X-Request-Uuid
52bce242-7845-4b02-a63a-0618c4a24b78
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D705 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:08 GMT
AN-X-Request-Uuid
21f51de0-8e52-4cd7-9544-c563d870bd78
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame 67D8 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3279299430715216000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:08 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 24 May 2023 11:39:08 GMT
sync
gum.criteo.com/ Frame 67D8 		60 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
830174
expires
60
usync.html
eus.rubiconproject.com/ Frame DD06
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 May 2023 11:39:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 24 May 2023 11:39:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
sync
x.bidswitch.net/ Frame 67D8 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.91.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-91-78.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 67D8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
us
sync.go.sonobi.com/ Frame 67D8 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=son&refUrl=&vid=49283482043279299430715216000V10&ovsid=[UID]
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:08 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-9
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 67D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283482043279299430715216000V10&ovsid=__ZU...
60 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283482043279299430715216000V10&ovsid=__ZUID__
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:08 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=zem&refUrl=&vid=49283482043279299430715216000V10&ovsid=__ZUID__
Pragma
no-cache
Date
Wed, 24 May 2023 11:39:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
252
Content-Type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame 67D8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=orSuJq5Dl1WqZ7hV3hV0&pi=medianet&tc=1
61 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=orSuJq5Dl1WqZ7hV3hV0&pi=medianet&tc=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 24 May 2023 11:39:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 24 May 2023 11:39:08 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=orSuJq5Dl1WqZ7hV3hV0&pi=medianet&tc=1
pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT, Wed, 24 May 2023 11:39:08 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
log
c21lg-d.media.net/ Frame 42C0 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3279299430715216000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU9MORS2&prvid=2034%2C2033%2C173%2C251%2C175%2C450%2C331%2C178%2C233%2C3018%2C3017%2C159%2C214%2C236%2C3016%2C237%2C117%2C338%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C3012%2C182%2C3010%2C141%2C262%2C461%2C222%2C201%2C3007%2C246%2C345%2C4%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C208%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:08 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 24 May 2023 11:39:08 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 34C5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449033279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame DD06 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-126-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8eaf9c2f092d7e9365f8831602f55078069433c673bc3a4d0c7281702101f063

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Wed, 24 May 2023 11:39:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 May 2023 21:16:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34637
Connection
keep-alive
Content-Length
10085
Expires
Wed, 24 May 2023 21:16:25 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C08B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4292465&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e627f864350a96265d75ae65776c13dfbae7cfe8e88da0c6512a4888fd3d9b2f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 24 May 2023 11:39:06 GMT
content-length
1345
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 02D8 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 24 May 2023 11:39:08 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0D8F
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qgx3nxk5xz5x
42 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qgx3nxk5xz5x
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 24 May 2023 11:39:09 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=qgx3nxk5xz5x
lws
42
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 3D2E
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhWShRRVVVXMTgjg&gdpr=0&gdpr_consent=
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhWShRRVVVXMTgjg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 24 May 2023 11:39:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjhWShRRVVVXMTgjg&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame D654 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 24 May 2023 11:39:08 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame 3408
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=584360697
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=584360697
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 24 May 2023 11:39:08 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 24 May 2023 11:39:08 GMT
etag
RX41237731dd674c5eb42fb728337a3392003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=584360697
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame BF08
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:09247A3C1567485EB0C6C88506C52083&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:09247A3C1567485EB0C6C88506C52083&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 24 May 2023 11:39:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 24 May 2023 11:39:08 GMT
expires
Tue, 23 May 2023 11:39:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:09247A3C1567485EB0C6C88506C52083&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
cksync.php
contextual.media.net/ Frame 6162 		61 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3279299430715216000V10&type=pba&refUrl=&vid=49283449413279299430715216000V10&ovsid=1663283F-490C-4B0F-83AC-BF248722F976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Wed, 24 May 2023 11:39:08 GMT
expires
Wed, 24 May 2023 11:39:08 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
mw
mwzeom.zeotap.com/ Frame C08B 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=1663283F-490C-4B0F-83AC-BF248722F976
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7cc541a338c202bf-CDG
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame C08B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1663283F-490C-4B0F-83AC-BF248722F976&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1663283F-490C-4B0F-83AC-BF248722F976&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=1663283F-490C-4B0F-83AC-BF248722F976&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:13 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:13 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=1663283F-490C-4B0F-83AC-BF248722F976&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C08B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4354139647387671599&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=cb48b995552f7aca
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28757ca2-3178-4197-7236-6b7e2b6ae413&reqId=809fd480-824e-4a38-594f-108cb618385e&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBqLV7YpGjqq4LZepKu6qCw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28757ca2-3178-4197-7236-6b7e2b6ae413&reqId=809fd480-824e-4a38-594f-108...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEBqLV7YpGjqq4LZepKu6qCw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28757ca2-3178-4197-7236-6b7e2b6ae413&reqId=809fd480-824e-4a38-594f-108cb618385e&zcluid=cb48b995552f7aca&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7cc541a4397402bf-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEBqLV7YpGjqq4LZepKu6qCw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=28757ca2-3178-4197-7236-6b7e2b6ae413&reqId=809fd480-824e-4a38-594f-108cb618385e&zcluid=cb48b995552f7aca&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1FE9 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:09 GMT
AN-X-Request-Uuid
c6ec3fec-c484-486e-a04e-a3b72a9c46fd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D705 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 24 May 2023 11:39:09 GMT
AN-X-Request-Uuid
b4806e1c-2b1d-4cbd-876b-6208ca323852
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z3Y9B77KYR&gtm=45je35m0&_p=713924905&cid=611117631.1684928343&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1684928344&sct=1&seg=0&dl=https%3A%2F%2Fvip-iugu.com%2F&dt=Usu%C3%A1rios%20relatam%20dificuldade%20em%20sacar%20dinheiro%20desta%20conta%20digital&en=9a745eaa07b81236c4f486e5cd37f511b2b2b063&_ee=1&ep.event_category=indash_trackable&ep.event_label=9a745eaa07b81236c4f486e5cd37f511b2b2b063&epn.value=1&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z3Y9B77KYR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vip-iugu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 May 2023 11:39:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vip-iugu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C08B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3279299430715216000V10%26type%3Dpba%26refUrl%3D%26vid%3D49283449413279299430715216000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:39:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff2
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-bold-webfont.woff2
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-bold-webfont.woff
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2
Domain
fdr.com.br
URL
https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff
Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fvip-iugu.com%2F&rid=esp
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/speakr
Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fvip-iugu.com%2F&rid=esp

Verdicts & Comments Add Verdict or Comment

446 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 boolean| credentialless function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| TRC function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level object| google_js_reporting_queue number| google_srt object| google_logging_queue function| google_sa_impl object| ggeac undefined| href object| dataLayer function| ga function| sha1 function| trackables string| pageID object| myT object| idTrackables object| pbjs object| urlParams object| gmAdSettings object| _taboola object| googletag object| gmAdCmds object| gm_Rec function| gtag object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| PushnewsSubscription object| cmTag function| webpackHotUpdate function| startCMTagMain boolean| ewww_webp_supported function| teadsPassback object| eio_lazy_vars object| rmp_frontend object| global function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| TIMERS string| terra_info_channel string| terra_info_channeldetail object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| terra_stats_metrics object| _comscore object| _ttconversion function| terraSendMetrics object| _tblConsole string| pm_pgtp undefined| msg boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand undefined| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| LazyLoad string| vpaidId function| OvaMediaPlayer function| getFunctionFromString object| IlabsPush object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy boolean| google_measure_js_timing object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED object| apstag object| _aps object| __buffer object| teadsscript number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle object| recaptcha string| google_user_agent_client_hint function| shouldAutoScale function| constrainSrc object| lazySizesConfig object| lazySizes function| $ function| jQuery object| RateMyPost object| webpackJsonpRateMyPost number| viewportWidth object| body object| mainMenu function| menuToggle object| subMenu object| subMenuList object| subMenuUL object| subMenuSpan object| subMenuSpanText object| searchForm function| searchToggle object| latestNews function| subMenuExpand function| subMenuCollapse function| subMenuMobile object| Cookies object| COMSCORE object| ns_p object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| gmAdDebug number| gmAdReloadTime boolean| gmAdUseLazyAds object| gmAdUnits object| gmAdMapping object| gmAdReloads object| gmPBPendingUnits number| gmAdPB_timeout number| gmAdPB_fail number| gmAdPB_fallBackTO object| gmAdPB_adunits object| gmAdPB_executed object| gmAdPB_displayTO object| gmAdAPS_slots object| gmAdAPS_slotConf object| gmAdBidRequests object| refreshRequest boolean| gmAdhasRubicon boolean| gmAdhasSmart boolean| gmAdhasVerizon boolean| gmAdhasAppnexus boolean| gmAdhasProjectAgora boolean| gmAdHasMedianet boolean| gmAdHasTeads boolean| gmAdHasTaboola object| adMaps function| runCommand function| gmAdInterstitial function| gmAdAnchor function| gmAdTopAnchor function| gmAdUnit function| getAOLPlacement function| getPrebidMap function| gmAdReload function| adBidBack function| gmAdRunBids function| biddersAllBack function| renderAd function| renderAllAds function| checkBidders function| dl object| apscustom object| size object| cmd object| map number| w object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| signal_decrypted object| TTTagManager function| TTTagManagerError object| _ttqtt_terra object| _pmk function| TBWidgetFacebook function| TBWidgetTwitter function| TBWidgetShareThis function| TBWidgetGigya function| TBWidgetPinterest function| TBWidgetReddit function| TBWidgetWhatsApp function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| jh object| _pm_mcg object| pbjsChunk object| _pbjsGlobals object| mnet object| google_tag_manager object| teads function| onYouTubeIframeAPIReady number| _siteid string| _endpoint object| gm_RecWidgets function| _gmrDebug function| _gmrRenderWidget function| httpObject function| fn string| trc_article_id object| TRCImpl string| GoogleAnalyticsObject number| taboola_view_id object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent string| n string| nq object| cmds object| tt_terra object| ttcNamespace object| valid function| callback function| validar string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| tbopt object| tempEl string| tempAttribute function| TTBase function| ttBaseE object| _ttqHolder object| GoogleGcLKhOms object| google_image_requests

152 Cookies

Domain/Path Name / Value
.vip-iugu.com/ Name: _gid
Value: GA1.2.444436593.1684928343
.vip-iugu.com/ Name: _gat_terra
Value: 1
.criteo.com/ Name: uid
Value: 213484b6-5433-458f-ac1e-d932d269ee7f
.openx.net/ Name: i
Value: 1f982cd7-e14d-0eba-2899-2a0d7bdd9e7c|1684928343
.scorecardresearch.com/ Name: UID
Value: 190f50ef3157c743b6bd5871684928343
.quantserve.com/ Name: mc
Value: 646df757-9dcf0-c155a-f0a05
.adform.net/ Name: C
Value: 1
vip-iugu.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.vip-iugu.com/ Name: _ga_Z3Y9B77KYR
Value: GS1.1.1684928344.1.0.1684928344.0.0.0
.adform.net/ Name: uid
Value: 4354139647387671599
.vip-iugu.com/ Name: _gcl_au
Value: 1.1.1631397617.1684928345
.vip-iugu.com/ Name: _ga
Value: GA1.2.611117631.1684928343
.vip-iugu.com/ Name: _gat_UA-59848279-52
Value: 1
.vip-iugu.com/ Name: _gat_gtag_UA_11458372_19
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 354652=5465499
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qt%3D218_2023_14360t%3B%24dma%3D0
.adnxs.com/ Name: uuid2
Value: 5856040556656650501
.doubleclick.net/ Name: IDE
Value: AHWqTUmsLza-_8BVbwx_u7GK3whr6_aIgTyS6lPwl-v2sMysjD8Djabo_9Yog29aVj4
.rubiconproject.com/ Name: khaos
Value: LI1MTZBH-9-NGY
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrmZIsII1/rxsWxZQUMNpzzGXFcqoZw1m5zySnVs5GPClsMBCMnryM3QtLnk4mrIIEgiN90qBb31Oca4tzOesSp0A+VO7RH1E0=
.smartadserver.com/ Name: pid
Value: 2430710121420823435
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qt%3D218_2023_14360t%3B%24dma%3D0&c=1&l=538676763&lo=-2044393348&lt=638205251446153275&o=1
.vip-iugu.com/ Name: __gads
Value: ID=eb8c64abebb47475:T=1684928343:S=ALNI_MZfjznVK8BLDPzw8L3YStqDuwjOCg
.vip-iugu.com/ Name: __gpi
Value: UID=00000c33aa748377:T=1684928343:RT=1684928343:S=ALNI_MaXjBsIuKbLirEAPhS1KaLobF43HA
vip-iugu.com/ Name: trc_cookie_storage
Value: tbl_rtus_id%3DxaAkzV-RXtjJ6FqCBjbiRAKCH6zg3bUC
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mrc0MDM0s7A0MxPiM9S1TPYNczQ1DAh0SgoDAI5Ng90lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mrc0MDM0s7A0MxPiM9S1TPYNczQ1DAh0SgoDAI5Ng90lAAAA
.mfadsrvr.com/ Name: c
Value: 1684928345
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684928345
.mfadsrvr.com/ Name: tuuid
Value: 3f81006b-d13f-4282-a9d7-4f4258ee55c1
.bidswitch.net/ Name: c
Value: 1684928345
.bidswitch.net/ Name: tuuid_lu
Value: 1684928345
.bidswitch.net/ Name: tuuid
Value: 59d8d7a1-b30d-4117-b1d3-268fc6501b02
.turn.com/ Name: uid
Value: 8142337278588068361
.openx.net/ Name: pd
Value: v2|1684928343.2|iygevNgun0.mWkifcsHqGgqsLiSommOnsgi
.mathtag.com/ Name: uuid
Value: 9229646d-f759-4700-95c1-383303285949
.casalemedia.com/ Name: CMID
Value: ZG33WUCmdsnwNP.4UHU-RgAA
.casalemedia.com/ Name: CMPS
Value: 2157
.casalemedia.com/ Name: CMPRO
Value: 2157
.go.sonobi.com/ Name: HAPLB8S
Value: s859|ZG33X
.mfadsrvr.com/ Name: ssh
Value: !medianet,1684928345
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1663283F-490C-4B0F-83AC-BF248722F976
.adfarm1.adition.com/ Name: UserID1
Value: 7236712137899833488
.yahoo.com/ Name: A3
Value: d=AQABBFn3bWQCELxhfJQnFCCo6r0hQBL1_d8FEgEBAQFIb2R3ZAAAAAAA_eMAAA&S=AQAAAjtaQBl28f3mxI09XI95kRg
.bidr.io/ Name: bitoIsSecure
Value: ok
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 596fd1f11be1d09e
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZG33WQAMcZ4JegAp
.bidr.io/ Name: bito
Value: AAEOSU7I2-8AACBVUGRWWg
.w55c.net/ Name: wfivefivec
Value: K5IyZHMN1Q1MPD5
.linkedin.com/ Name: bcookie
Value: "v=2&4ce9f653-3fcf-43f9-85bb-70e15ef5498f"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQ5MjgzNDU7MjswMjF7HbMjy8nbi/hz0YFJVAX0EX5YyKBLkQTvIvqeK/EdAw==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2932:u=1:x=1:i=1684928345:t=1685014745:v=2:sig=AQHiwYp2Yqo5lfvrD4XhLZbo9DXT1v8m"
.amazon-adsystem.com/ Name: ad-id
Value: A3uNR8WUK0UUtePLWxprjx0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
ads.avct.cloud/ Name: uuid
Value: 226810f8-8988-46e1-98a4-666a37ae3f25
.csync.loopme.me/ Name: viewer_token
Value: 8554c0d7-28d6-46b5-92e5-1a372b07fb50
.justpremium.com/ Name: jpxumaster
Value: um-beb33d75-7633-4c12-9473-376bff5b3711-1684928345
.justpremium.com/ Name: jpxumatched
Value: ox
.admixer.net/ Name: am-uid
Value: e1f8f63c98954d2fabdc4e20b67e730c
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-41237731-dd67-4c5e-b42f-b728337a3392-003%22%7D
.w55c.net/ Name: matchopenx
Value: 5
.demdex.net/ Name: demdex
Value: 12862896502025257551065773467359912080
.admanmedia.com/ Name: ac_r
Value: CS159
.admanmedia.com/ Name: admtr
Value: b1a6935b-f581-4405-9082-d8cc2a0cfc83
.doubleclick.net/ Name: APC
Value: AWEbyIHItxzl9RPZVQv8sATQQYHDHU4A18a6bIVDLtehhjWG2q5G
.onaudience.com/ Name: cookie
Value: cb48b995552f7aca
.onaudience.com/ Name: done_redirects104
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 12862896502025257551065773467359912080
.quantserve.com/ Name: d
Value: ENoBHgGIKfijCJiTCuu4EM-7EA
.vip-iugu.com/ Name: _gat_gtag_UA_207012791_1
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2btn:18z8~2btn"
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVLrjcOZ!]tbPl1M>e)ZlrFUfJ+tGXxoD[J)H8ZqScCJ(NzYbRc.Z`Zulmc?0oulHD4k3If)y3KL9D3I?+ji5.55
.ctnsnet.com/ Name: cid_6086bafc6bcd47feaf07988416c9e5ec
Value: 1
.vip-iugu.com/ Name: cto_bundle
Value: ajXXtV9lVTdNNUhkNVBVNUdldE9qJTJCSUF5U0F2Yjl5dWVqWkJkY09DVmxMNUd4SlhrczlNbjg1JTJGQ3JPczZuRXBZUHNNN2RMOHUlMkJIRHVJSWNXMzQlMkJWQWxlTG9LREx3dXBaOTclMkJZVXZJVnYzcFVmJTJCQm5BRmQzaTFkVHJwcE5BbWRSeHlCSkVtMHdFRXRtJTJGSnhIdzB0NWFKYzBBUSUzRCUzRA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:9229646d-f759-4700-95c1-383303285949&KRTB&16736-uid:9229646d-f759-4700-95c1-383303285949&KRTB&23019-uid:9229646d-f759-4700-95c1-383303285949&KRTB&23114-uid:9229646d-f759-4700-95c1-383303285949
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5856040556656650501&KRTB&23339-5856040556656650501
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7236712137899833488&KRTB&23369-7236712137899833488
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4354139647387671599&KRTB&23263-4354139647387671599&KRTB&23481-4354139647387671599
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8142337278588068361&KRTB&23150-8142337278588068361
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559727906168966
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l&KRTB&19420-V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l&KRTB&22979-V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l&KRTB&23462-V2UV5gdmFrVMaEfhB2EO4VBkFuNMNxPjUWTzY53l
.weborama.fr/ Name: AFFICHE_W
Value: ChrVh@In5-kK27
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFiaWRhbGJmZGi5igWJb2xkAQAUO7VaIAAAAA
ads.playground.xyz/ Name: connect.sid
Value: s%3ADt8QPdtQGjj1OMUMUA0KDI3OR2LXu1da.j2W8yhAcxcQXCA%2FxPUCOAKd3cdcwl0PmhSxEnPl3t20
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENRkuitHRKXo5Z54iiIEXi4&KRTB&22987-CAESENRkuitHRKXo5Z54iiIEXi4&KRTB&23025-CAESENRkuitHRKXo5Z54iiIEXi4&KRTB&23386-CAESENRkuitHRKXo5Z54iiIEXi4
.adsby.bidtheatre.com/ Name: __kuid
Value: 2f9d9f5a-94d6-48f7-b2a3-50eb1e37d001.454142346
.simpli.fi/ Name: suid
Value: 09247A3C1567485EB0C6C88506C52083
.audrte.com/ Name: arcki2
Value: 9afHEdWncVDRMKR3a5-eHFHuA!20220908!1684928346357!ip#92.222.212.16
.audrte.com/ Name: arcki2_pubmatic
Value: 1663283F-490C-4B0F-83AC-BF248722F976!20220908!1684928346360
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-59d8d7a1-b30d-4117-b1d3-268fc6501b02
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-1663283F-490C-4B0F-83AC-BF248722F976&KRTB&23413-1663283F-490C-4B0F-83AC-BF248722F976&KRTB&23479-1663283F-490C-4B0F-83AC-BF248722F976
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEOSU7I2-8AACBVUGRWWg
.audrte.com/ Name: arcki2_ddp2
Value: 9af9JDbQVM3QpuKDi8TpegfYQ!20220908!1684928346466
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A3E7D28D-551A-4D69-BD37-9EE129168993%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2dde34ec-42ca-5f8f-56e4-1d7fe2c071f3.0t3K4Q2U%2FQIS6uEzpTQCjzEyCi2qkwc19ujf3I%2BLwUg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ALd407ELKX49W5B1_4sBx81ze1BA.gix5%2B8b6DurFU%2FfUcWq4sq21luYvWhECY5%2F64apKnzE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ALd407ELKX49W5B1_4sBx81ze1BA.gix5%2B8b6DurFU%2FfUcWq4sq21luYvWhECY5%2F64apKnzE
.tribalfusion.com/ Name: ANON_ID
Value: aNnseFyg6AbrA7u8QGkNZca9sTFnW5XxCXxXbYApUALOR3ZdXrJZbuZcgp01rZatpLwGqKAF3Jv5kKW4ZaaCZcWRZcOv
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Ld407ELKX49W5B1_4sBx81ze1BA&KRTB&23334-Ld407ELKX49W5B1_4sBx81ze1BA&KRTB&23417-Ld407ELKX49W5B1_4sBx81ze1BA&KRTB&23426-Ld407ELKX49W5B1_4sBx81ze1BA
.audrte.com/ Name: arcki2_adform
Value: 4354139647387671599!20220908!1684928346623
.audrte.com/ Name: arcki2_smart
Value: 2430710121420823435!20220908!1684928346755
.adotmob.com/ Name: uid
Value: 091e2204019d8a537ced53ec
.adotmob.com/ Name: uuid
Value: 091e2204019d8a537ced53ec
.adotmob.com/ Name: partners
Value: SMA%3A1684928347055
vip-iugu.com/ Name: tt_c_vmt
Value: 1684928347
vip-iugu.com/ Name: tt_c_c
Value: direct
vip-iugu.com/ Name: tt_c_s
Value: direct
vip-iugu.com/ Name: tt_c_m
Value: direct
vip-iugu.com/ Name: _ttuu.s
Value: 1684928347253
.tt-10969-0.seg.t.tailtarget.com/ Name: trk
Value: o5OMEdhKCG66DT8MnnrmwX/EjMXCdF9D30Ghz4J69mlqpraDJeKwJtPnib3+ZDz/v8RIT/MK1W7uc9KC8WfulFdciCujUruT5qr8568QRoA=
.t.tailtarget.com/ Name: _ssc
Value: y
.t.tailtarget.com/ Name: u
Value: fwAAAWRt91s1rgbQHldeAgB=
vip-iugu.com/ Name: tt.u
Value: 0100007F5BF76D64D006AE35025E571E
.t.tailtarget.com/ Name: ttbprf
Value: _paris_ile-de-france_fr_1684928347571_1558107152
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
vip-iugu.com/ Name: tt.nprf
Value:
.tt-10969-0.seg.t.tailtarget.com/ Name: ttca
Value: CA6935,CA4723,CA4729_1684928347
.t.tailtarget.com/ Name: n
Value: 1684928347
match.sharethrough.com/ Name: AWSALBCORS
Value: N26aCX5BwbwaYa9b6MW4AeUqDSpZdCfzH+w2mSD4TH0dBmmxBoFFLxAhc+L5PUxLihA3YZtk2GzSVu2YyxAzE9CA/2F0/gYd1YnvWl358tU95z/rn1u5FlDe/i+C
.smartadserver.com/ Name: csync
Value: 22:4354139647387671599|31:59d8d7a1-b30d-4117-b1d3-268fc6501b02|32:8142337278588068361|33:ZG33WUCmdsnwNP.4UHU-RgAA&2157|49:7236712137899833488|66:091e2204019d8a537ced53ec|76:CAESENJKVXguq0Z7QcmTBGemRxs|79:213484b6-5433-458f-ac1e-d932d269ee7f|86:5856040556656650501|91:1663283F-490C-4B0F-83AC-BF248722F976|124:8ad95624-2103-4df6-9f01-7f712a1e7646|127:AAEOSU7I2-8AACBVUGRWWg|130:b1a6935b-f581-4405-9082-d8cc2a0cfc83|134:OB_OK|139:0|141:9afHEdWncVDRMKR3a5-eHFHuA
.pubmatic.com/ Name: SPugT
Value: 1684928347
.creativecdn.com/ Name: u
Value: orSuJq5Dl1WqZ7hV3hV0
.creativecdn.com/ Name: ts
Value: 1684928348
.media.net/ Name: data-rbh
Value: orSuJq5Dl1WqZ7hV3hV0~~1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 159463:4
.pubmatic.com/ Name: DPSync3
Value: 1686096000%3A241_235_201_245_227_226_219_197
.pubmatic.com/ Name: SyncRTB3
Value: 1686096000%3A251_21_220_54_13_81_161_165_214_234_8_88_243_46_166_233_7_22_176_249_254_99_55_238_3_56_204_71%7C1685491200%3A223_2_15%7C1686182400%3A35%7C1687478400%3A203%7C1685750400%3A63%7C1690070400%3A69
.onaudience.com/ Name: done_redirects68
Value: 1
.onaudience.com/ Name: done_redirects200
Value: 1
.media.net/ Name: data-pba
Value: 1663283F-490C-4B0F-83AC-BF248722F976~~8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-41237731-dd67-4c5e-b42f-b728337a3392-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.zeotap.com/ Name: zc
Value: 28757ca2-3178-4197-7236-6b7e2b6ae413
.onaudience.com/ Name: done_redirects219
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-F1rNcAsvjhWShRRVVVXMTgjg
.semasio.net/ Name: SEUNCY
Value: 914F8FF9314F2B53
.zeotap.com/ Name: zsc
Value: %CE%15%1C%7C%C0%16%F2%A5C%EAnk7-%80%C4%81%17%A5%1C%9B%ACET%BF%F8%A1%A6%CE2%D9%9F%87%F0%C8%FEt%5Bs%A2%86%A7%AAg%B24%00%C7%05m%AE%1D.%D2%EB%26%F2%A88%14%3A%FF%B0L%04%3Em%F1%12%9E%FB%ED%9F1%E6m%E8Ny%5E%E7%D3%AD
.gammaplatform.com/ Name: _aGeoIp
Value: NL|Utrecht
.gammaplatform.com/ Name: _aUID
Value: qgx3nxk5xz5x
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-qgx3nxk5xz5x&KRTB&23446-qgx3nxk5xz5x&KRTB&23465-qgx3nxk5xz5x
.pubmatic.com/ Name: PugT
Value: 1684928349

252 Console Messages

Source Level URL
Text
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-bold-webfont.woff' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-bold-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-bold-webfont.woff2' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-bold-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff2' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/roboto-regular-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/(Line 2469)
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vip-iugu.com/(Line 2878)
Message:
Access to font at 'https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff' from origin 'https://vip-iugu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fdr.com.br/wp-content/themes/fdr/assets/fonts/proxima_nova_bold-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://vip-iugu.com/(Line 2878)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8538744060850645&output=html&adk=1812271804&adf=3025194257&lmt=1684806457&plat=1%3A1024%2C2%3A1024%2C3%3A2162688%2C4%3A2162688%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffdr.com.br%2F2023%2F04%2F26%2Fusuarios-relatam-dificuldade-em-sacar-dinheiro-desta-conta-digital%2F&ea=0&pra=5&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEzLjAuNTY3Mi4xMjciLFtdLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMTMuMC41NjcyLjEyNyJdLFsiQ2hyb21pdW0iLCIxMTMuMC41NjcyLjEyNyJdLFsiTm90LUEuQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1684806461648&bpp=3&bdt=2358&idt=2310&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2485162687399&frm=20&pv=2&ga_vid=2095949300.1684806461&ga_sid=1684806464&ga_hid=840685914&ga_fc=1&u_tz=-180&u_his=9&u_h=1080&u_w=2560&u_ah=1040&u_aw=2560&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1017&bih=620&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44782468%2C44788441%2C44792645&oid=2&pvsid=3671398093396860&tmod=803941731&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=2697%2C73%2C2697%2C73%2C2560%2C0%2C1050%2C708%2C1034%2C620&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2330
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 8)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 8)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 8)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 8)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] This document requires 'TrustedScript' assignment.
security error URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__pt_br.js(Line 38)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fdr.com.br') does not match the recipient window's origin ('https://vip-iugu.com').
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1663283F-490C-4B0F-83AC-BF248722F976&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.gridmidia.com
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.com.br
adservice.google.fr
at.teads.tv
b.t.tailtarget.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.pn.vg
cdn.prod.uidapi.com
cdn.taboola.com
ced-ns.sascdn.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.media.net
csp.withgoogle.com
csync.loopme.me
csync.smartadserver.com
d.tailtarget.com
d5p.de17a.com
da3fccaa938b31eba865a198c09eb3ca.safeframe.googlesyndication.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3be9fc44e1bda19450c4f7ca80ab196.safeframe.googlesyndication.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fdr.com.br
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprlatbmp.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
la-match.taboola.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
readaloud.googleapis.com
recomendador.gridmidia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
t.tailtarget.com
t.teads.tv
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
tt-10969-0.seg.t.tailtarget.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vip-iugu.com
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.terra.com.br
x.bidswitch.net
csp.withgoogle.com
fdr.com.br
oajs.openx.net
104.111.217.42
104.154.115.30
104.64.126.246
104.80.242.37
13.32.119.77
13.32.99.21
141.226.228.48
141.226.230.48
141.94.171.213
141.94.171.215
141.94.242.226
142.250.185.66
146.0.227.110
15.197.193.217
151.101.1.44
151.101.129.44
151.101.65.44
151.101.66.49
162.19.138.83
163.172.221.209
178.250.1.9
178.250.7.13
18.159.26.253
18.185.151.66
185.183.112.148
185.184.8.90
185.255.84.152
185.29.134.244
185.64.189.115
185.64.190.80
185.80.39.216
185.86.139.104
185.89.210.212
185.89.210.90
193.0.160.131
195.5.165.20
198.148.27.139
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.45
23.35.228.23
23.35.229.56
23.35.236.188
23.35.236.201
23.88.86.2
2600:9000:211e:4800:1b:5138:8a40:93a1
2600:9000:2250:a000:a:e047:753:be1
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700::6812:18ad
2606:4700:e4::ac40:a527
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::2011
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9a
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:13::1400
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:24:b002:aa55:d04a:d829:3323
2a05:d018:d29:3601:cc5:dc1b:2834:9d22
2a06:98c1:3120::3
3.120.43.54
3.64.145.154
3.75.62.37
34.102.146.192
34.102.163.6
34.102.185.99
34.102.253.54
34.107.148.139
34.111.129.221
34.200.182.70
34.96.70.87
34.98.64.218
35.186.193.173
35.190.0.66
35.190.39.111
35.201.123.184
35.204.158.49
35.214.153.92
35.227.252.103
35.244.174.68
37.157.3.20
52.18.135.178
52.212.130.244
52.220.229.2
52.222.208.154
52.28.203.152
52.31.219.190
52.46.128.147
52.58.91.78
54.220.255.219
54.227.251.232
54.78.22.70
64.227.64.62
64.74.236.127
65.9.66.122
67.220.228.202
69.166.1.10
69.173.144.138
69.173.144.165
72.251.241.206
77.243.51.122
80.77.87.166
81.17.55.113
85.114.159.93
95.101.148.20
95.101.149.35
98.98.134.242
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6
02879cae62ad89aabb9030bdeec952a3004c2bcb6453d21bfd50c6c4743f5080
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
04a6c8bef417b9a27f9319e3740ab8947e774de7dc8acce089e28071954636b4
04dde1b786e920066e73005aaf94f863e48ed73ced66f800d111d245ff41495d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dd90eac80906a508dc736207adad90421f22589a8952b360c71c79870b1102
085e0aeecfd75dbf38fec08fdc45ce736d468d3d74ff7d7a2f013e74c8ebb526
09c7337df56735b2aa57e5be9965b98c920c30e04c4ee84a407cf418cb8c08ad
0a92a8a622a12b061f10be9979c811e8fa03fb55b60ade429c2b524bda454f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0c9b8157135bbffc8999f48e73a1814c222b1ea675e99ccd45e4f970b255f7bc
0e2ad06743bab68c11b9b1dfbde822baf4c07adfaf3c94641399cf8bb8d0ddbb
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
124cb9322c99fdd5f2befeffb774b833b866f6490780f69308f94acd2405c718
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13b9799c0cd6a23d6f4fdda4397d3b9cf6c44157698616e3e4f6972dd1390b91
142c015055316ec61082ceb38ff7b6862fe4e90069e0df0f510082f1b50bfcc8
149eae83ae540e86a8dc3c86ccc1c930d262d0acd34f1632be599f3a4ffa6eed
15cce92df3d3ac619f069cb81a99928e863a5d649b59cfa1eed8846cf4efe025
16424c33239cd6211f1b2b9cf7b0ad98b278e98bf05ab7d2c333fadb38dc0223
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19c3afe3615504a7cebfecde0c332a28a906449627ac11d87288cd4771708c3a
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1df4ef080d9c211b26dd2b0bb1229fcce3992e753ba76a101586b74610e50085
1f7ea7ccaa39b1b85704f05b54e7ddd09a0b70a1b48cc0b4ef06664aa5c6fa75
203df605582e48215f26055790c881dba618c2d4bb4539249cdd582e80098aae
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
24962b03bd70f96a56853729353fba38e4c600a7706cab55604ec3a5df04482d
2572d71f4a5192ebdc1a4b3377c65823c2127cb5c71bb58f9b6073280ed80080
263b7334913a79ec50c64e8bce9cdf46ced825cb9716469be84aa643e42e887d
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
293b99a0c3752d64f7d0c79c43811dfdd58bc823a2d60bedd0700ed38a92f09b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ba1097b24ebdb5d1858329e77b0221c1f14869679a87fc20971f332b1318c86
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d4188bba4f93c903ece2c0b785860cdeec6d8f623552f444fbcb0d796adfb13
2de02cdabb4c0f778f031b6f34bc8f457db9a6040e62b2e5447b9a886fa6ac54
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d6619f78dc4b5e77d9efc395852bb97a648678751792b3ad518eb1931254ae
3120301325194853fcf3061e385b2366bbd34f1050ae709d0b8d25273a2cd010
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31973ee663aa6f8fe440e31c7ed3aa3721686455fd22f3282f11812036107ae5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3313b515f9e3a017f08aa623d6cd9f0782bc7e8954f3eede67830f890129800a
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
3442721e23074f3bc60761bf6e20ce8f2b362b147526863aa0beb68add084c68
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e56551608c3f638639a589103f8d010a881c31415be286e6672e2464cc9432
38d689e593eeb507774fc1a7509b206ba316e17a26add68c8129c99afd38c8cb
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
397add1d26d215886969e9fadb5afbd0383bd5160d06f943e7948fcd3153c5cd
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d2bb0bea0d1d190164be112aadcc1b0546b64d272504fc9b1e39dd07862bb5
39ea3d7ab54fa61d4a9d0d06c7e8ba153bce5219b4561bc9dabc3bb208953198
3a97e5ba549115e58b809f5e67eba208a2f09c385e53f0f3ce1c1b9dd3953e5e
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c15ee42da2aebb471fec6c5426bbcd95c87ea87a6ed81f23eed2e5a773614bc
3c19d5b1fb103e9e054bccec4fac5e8aeeead395558e29d81fdf5d16588c82fe
3ca351bb2909e25fa9531d7005806d65e0d6c580fb6f77a991525c619f2c24be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fc0e57273a6e0088003f4eda4b25f7d5a13552499b1e7195e8ac4f53b926683
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42eb48f247ae24133002077b73234a67b026b1dc701ab25c1beb601442f7a9d0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899
459b41151269206dd67798b6b80a5667423115399fce0a9a16aa44184cd2f49d
46368803ca153af9fe50faa60c46746492b90334e5c454c5b63869a3dc53cc49
463b04c17e4614f510ff963a0cfd18cb58a101d1f77c2c02592f832ade0c9e22
467f464aa1d74d2d34b4302688afcb79b9f61af29ddfba79bd470c5e8e2ba6ea
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fd33ded5563823e40f6c595b4c61d47fbacb03f39b1a3726191bc117af5363
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4a96faebc23c34fa780d756b631f65adb83e98c06e085b46f32e8c6151c736
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4af09459e95d0e3b41af362888811cd76179c3bc5b57da2fa098f7727aaab373
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4bac1ac3c4932377504fe1f8e95886f74ba699c3f3eb565b15e39af1bf1c76
4c6765f6264cccefbd5d6089c902c2560fcc952f1c400c5ff1a18ab81a88c250
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ff55a30c03fbba0a148855dc6c8334bb3c3c4d833519dd7ed78df5ab30465bf
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5090b6dcd149cf54d641335e0274daebebbfc74399fd08b0cc7df14f091a2137
511deaef8f5cc364ceb48f569e6db78230781e766d88740f13ba809bfafd26bf
513d61d3007c8f6d35a4321beea67fbab2d4d64c9ad9d80bd6f0edbfa733926c
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5339348e1162be271a396e08909c4c2eef221f0c5dffc244c966f56e23ca2837
54441e64145a553be7945a2627e939adeeee63fb8e51fd37415b8b7e488afc3d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5463934a02805e1b27bcd6de5ba1aeb5eaff28b8558135f62943e31af688afa3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59816f4c296172650ee886e65e74879fc9df50e783f22825c67d71495a1f3aed
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b4a610893f73da973010d78218696a6a80797be69a9061825e7a55f3a980d7e
5bf51a10483f0a2879ed9c260c5bf8b881108f77679f77d49b1bc9e4e1cdf6ac
604ba4151e685f19bb39de98a50f4f9efb4ca0b4306b39fb0707410ea0928bcf
60bff1f3d1652febff5190c494944d027b4239d3d030d189763a8e923d8d40a7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632575ce3db0542e746998458f980c958f960302ab70b43879eb3a184984bc18
632f6cf84d1938fba2ceab56026cac2ed9a16f6fd2723088e73a535e363ea6da
6339d0a9ed952697ceec234ac5ada09afeef2aab4ce26fff51a86b52fd5fd1ad
63a17a893cdbe9148e3b378916284f9712c44c40bf247db4e7ae5053be2ee8cb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
66414882adccf560a7790b4b8993f7d61a6470ad7872c98b1d9ff7d4b26405d6
67a768fc96c11fc71c968fe2117cb2b00669b04f82fbd746afc266db1dbfefd6
6949875088ed0d2124b4d8d8c0b6669d24fad9bb395e7276445763cad60fa765
6964aaed97b698a98148949d7cab16c56e58df32b6f2ab40110e151b9baf8153
6988d1a2ac4e6b0249a9c9a38b1c9e89dffb5b1477d8e1979e2432e661225f78
69dd68a144929065062236a040c3fd8a276c55736a91d532d4542aa0e0e02c80
6a6c6c23d04d3d5743b2be73611c7cd200d0f5e01241085a9b70e5e3b1e9ca4d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b997268b2fd895bbf751e7c61a0a5a99f8d0cf214b10f569a766c8b084abb77
6c75b0d6862aafea13a1ad7f4779ea4f47a058be8aed60c15cf32dacea3e3acd
6d699557a560175a942aa8f251da48154a20c38e1c802d694d0f86b8645a672c
6e3575a56a84c50adf39779fe666c6a8f72aeac1d16fe2807206cc9440712c10
6f170e41fd143aba25a29a7f83762ca400d552d00ec7657c4fb0f2c7f31ef3e7
6fca3e3dccdb6cdcf4177cf62a6beb6f7f7c3824082b90d9791936386bf5d4a3
7139acb6ecaa8536e69bcb35b1f70ce5b18c5b3efd13a83e075c7c60e4b4d565
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745456eb15b130594bafc8415421d95b16f60e2d25311443fd348e560576d382
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75eff088a3f0aaaab7aaab4785641d106857cb9d2c91b9bdad90503dd7e84749
767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad
769a38b0eea56706a98cbec21c825eac028e372435b9daaa0e56eaf6d8fd06c8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7ae3e5f4de112f53bbf78993ef63ca28741c27c57a1a25635af684897f1dd995
7b910e4605789c3746de76c0a3188e2d4452da933999a0ddbb7769fa6178c629
7c450046da95dc5883b880794d94442b7cacbada3d307c6747df88294731cb6b
7cd7b7e44c8f9f5f4b9e6c9d6302de0f5b373a8c37c7c5dccefe42e50722ef42
7dc10baf81aaa5882d22a2af7063b6a28c6992c2ed2e26de0851a23a18d1baee
8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb
81f17ead3ea5041e6df9d9634dd9673569dbd4707013c96f94aec224de222e58
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842a5cb99887196f73dd5c03ac73a62830394e84ef6dc1b1bb90f7f4a060dfdd
84bf17459cf32b5962b6fb2f20f29a96ac5bb9b600abd544b6d0c05316d09b3c
8638fbcbdae30900f80c7cbe40bfc8525ab0694ce08a6d83d68a563f5f3b64b8
8790111d33a00999347228816e9e9eb52e087adc4d34b3c127c2757571a50b20
88934d1ff27ef5525de46eb1870dc14f06975d376d4d2a190aed17389df9cda8
88c25d1f75182f31a3d1dddec61ec22ffff989cbf09c8b845428701df8276e28
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89f767a4440e78be31cf23757ec3eec8f3c7d133a1af3dd787e6bc45e9bcb3e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a66090e7b66a7a8eaf5a9c3b6f8651bfca9c383d360478e1e6e343768f9cdeb
8b2ad9bc6a935c50ac7b53254616ff80c96fc2630206f855284744db8ab1514b
8bbfd66ec379fe7aae834f17a9d7c61b8697e4a41ae229a351ea30aead93178f
8bee73f396d87abedb349269d1742aee9993b3afa26a42a9be8d8732f11fc94a
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2b7210d5e0c160cc0293f1412fb8f3aa670dcb4609826fd3516d709b4e12a9
8eaf9c2f092d7e9365f8831602f55078069433c673bc3a4d0c7281702101f063
8f892a337d2c62d9aa57e67273fdacbb8cf297f4827a30cf0b0fc7a5cc302f90
907661444baeb1c086a2e8b3cf766ec1592689ed2c927b5011f13840752f6ab5
922979163c3ef926f18ce959653ef6553227e598491154980994c8e432dfc902
92969b8a231bd4bf6b2759595bab52a1a3a841ea99d5b31cd18fafef62938914
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b814bf19e372e4b3485f1544dfd5382a33e48e4a91c0f182c85e8fef4ad6ecd
9c694bd0439894dfe6f938712b12e5afeb056d88c4bc1ba4f4db870b37f14090
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ec1b65aaae35a1466449c4da2ba06ebb3ed9512fedb64dae7e55cae7f16d4f2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c69952a16598d69a04bf5c9fc057588c61aee8bfbe38eec8d3e30c054c2fd0
a37142b39db74012425f59610a682b625d2ffb3198a9c123a3c38680f5b0aa35
a415f9d6900febce6dd8d7aa5c1a97b441fc52daafd1d99bed368597366d138c
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a558097700b7d43ab370181ad21f135afd5318e000a2844c5d2bdca97d6ae8ca
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a66d3c94dc0b031d93ac626c749b4c946214b2f0f5dffd7776546b4cff8bab5f
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa83595f0510c2944aca41314d4a6496a9ddc46f27805d2c9ac8296ba0307535
aba133f2a29105ff3bb49e7fb4503f1c781966a93f330a2aa8c2f20fda211c20
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
af0b4cde1bc791fa168bb2bbafee92f6b3730ed5b008514ee52d25a684efef80
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c762b4ef4de2b480e630fc6f8397bcd169cbce56bc922f3d5ddc79a728c3cf
b49419f9d788b67ef6f7c077d911137a35c1f142bff247a4bef8ee1da0df348e
b64b21400a350483fafe562aff23a10210aac451e18aef7deccf2f867c689b38
b7b3cd74c96838ca9611dda214a04b21ffdc89f03588653f6f5456d667654b92
b8c5d11acb77a376f85d937c5af6012bfd525a295bf707ac91c8217b623701e8
ba347357d1a19f9c51513dabc215f7d388172b55c1686f55b7d17deda90e0a96
baa9aabc4731dfe005b8c4327b460a3806c93494e87ce1f70686617f2c9ce2ed
bad27054e5563d02112308b1faa84bb5e523e070e7a57ba728de6a497090c0bc
bb3c5e7f893bbec614c6800abfd0f97c0aa850b14203ade50dad371a0813d64b
bda3d373f6f5b5aa2fc5b844e2b9a55be0eac547e884ce4b76c09a8418580c8e
be95fcfef8b782ee5f2f61a4adf5bb27d8139812d7640137e1f8f12d41a4073b
bf3c408ef00e3ce08742140076ca523a9538ccbce07ef3b61ac19ca97d758ac5
bff572ec9342764949f6cf133956759760a35804fa483e42a19fa2ba71db2477
c05a1108c176130e9dff2f6a5ebdb60be1c3e17b5a8f83de35b29f44fb109434
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6c7a31078a5059c629d48d6f26d3176592e36364d415d03e70e9e03cc9ccf19
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c903ea8907d3f1da969555bb69e6d5beebc6b5e65c3a40dfb4831c179d018854
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
cae4aa55cc31f90e6cfa65cbed6cccbe0a0f78af9d863b3fb48372e5623c5a3d
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cd91ab6a0bee607b6f6935fccab293c790ea25ce74f8b1bb286495f2960af21d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1b3e4f25c362d4374f2460b23eef70652f51fb3c5fa86b8dd1c03c09f519514
d44acd3576631e31b8f44edad85eb0ca040551af63e719c4245f8dc65c575013
d59fdfe1274898c5a44889c3566ebcc1aecc7b6ed595047f1224e4fac86950a5
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d91ee0960b7dfb1d84d8e47cdecea1738cec398e1f6d88a5dbdc27bb92b3014e
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d98a829a816ae5c0f4d89d95b56bcf31d2ea90d6a6a49c48f13c8f8dd0620563
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4c28508b438e49632f243b488c493f88a1166d0a39345de07bfdcab00c3bfe
e228aaa5baaa5f1355e4959ed4d934bf4e810b9f4d644705a2e3b8a6cf9f007e
e2b1a7f14cb9db010e10b9e983aab0c2e619a529ea7f29d8a310a032c8ef5e54
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43c006f9d499a62af042430e79d3e207d99dd1008edd48f03f56ffadf0e442c
e627f864350a96265d75ae65776c13dfbae7cfe8e88da0c6512a4888fd3d9b2f
e63c7b95576f35b85b95a5a40b0a5c1ad33dc31ebed1917afe2e1c6667a12282
e749404a407ecf6f327a91e6582e330727b9c1930d62365ef5c3491cf9c9a33e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e90435ac3c24ff6afe8197a366adb76938bd5b646793fd69002d1113aa16673f
e9f02c81fc05bdee4b86b056fa779c5308b200d7cba62e445c2b2f677d9e74cf
ea9c86be74ab4655f4a7b95e53f82c3b89ec26922cda252e7e7a4d997de4bb70
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f03f0b2789982a4fba8c4ad8cbf9a26f90bb543010b2c59f84ee4f1cb7506f33
f0afc9da05c2ed14d96856c87cdf788129164e1a6aa791ece607aaad969b0c5f
f179a27df8ba6a329b5d7c0bb35ec7a5dc75808e606e5c51a625fa5f0caba4e0
f26d42c4e956b92a1a7d3fdb5816493911aed0e91067ed153e7004726e37a47d
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6886142d64d3a0bc2fd133cdf12f1b5b2e30f62e9ea760f3e777ab4ccb9a28f
f72beeb43a71e524d75f29e9ff3c6ef5ad1451f38ccfd5d9e46d01c5fbba8a55
f7dac3af3c01cb6b74ccf5cd9d195a76fd90acfe304caecf5c3c6e1f66f5f93e
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
fef9bdb0e588f1f297c65edb1f1678de348c48ca1a68356bd875ac997ccb8ea4